Wireless network hangs at validating identity
With the credential provider architecture, Winlogon always launches Logon UI after it receives a SAS event.
Logon UI queries each credential provider for the number of different credential types the provider is configured to enumerate.
Credentials are collected through user input on the logon user interface or coded through the API to be presented to the authenticating target.
Local security information is stored in the registry under HKEY_LOCAL_MACHINE\SECURITY.
Credential provider architecture The credential provider architecture applies to Windows Server 2008 R2, Windows Server 2008, Windows 7, and Windows Vista.
Authentication components for all systems is the executable file responsible for managing secure user interactions.
The Winlogon service initiates the logon process for Windows operating systems by passing the credentials collected by user action on the secure desktop (Logon UI) to the Local Security Authority (LSA) through Secur32
In these systems, the credentials input architecture changed to an extensible design by using credential providers.
These providers are represented by the different logon tiles on the secure desktop that permit any number of logon scenarios—different accounts for the same user and different authentication methods, such as password, smart card, and biometrics.
The following diagram shows the components required and the paths that credentials take through the system to authenticate the user or process for a successful logon.