Users are not validated through custom plugin

[maheshmadhyastha7]

Hi,
I have a custom authentication and authorization plugin written and configured in pgina.
Only first time when user logs in, the users are authenticated and authorized against the plugin. However for subsequent login, only LocalMachine is used for authentication and authorization.
I am using pGina fork 3.9.9.12.

Can anyone help?
pGina.Service.ServiceHost_log.txt

[maheshmadhyastha7]

I am trying to login on Windows using Remote Desktop Connection it seems that it checks only for local accounts password instead of custom plugin accounts. In that way with RDP it works only last synchronized user password, instead of last valid one on my custom plugin.

[maheshmadhyastha7]

Can anyone help?

[MutonUfoAI]

In Windows 10 a login has to happen fast not like in Windows 7 where you had plenty of time.
Windows 10 will push you to the lock screen if your login process take to long
2020-02-17 07:36:32,572 [2268|3|INFO ] pGina.Service.Impl: SessionChange: 4 -> RemoteDisconnect

the next problem is pgina itself. Sometimes, out of the blue, the pipe breaks down .... I need to change the whole pipe stuff from c# to c++ code. In my environment is see the error extreme seldom, and if it happens no harm was done.
2020-02-17 07:36:52,900 [2268|22|ERROR] Abstractions: Error while trying to open pipe server: System.IO.IOException: Pipe is broken.
at System.IO.Pipes.PipeStream.WinIOError(Int32 errorCode)
at System.IO.Pipes.PipeStream.WriteCore(Byte[] buffer, Int32 offset, Int32 count)
at Abstractions.Pipes.Pipe.WriteMessage(BinaryWriter writer, IDictionary2 msg) at Abstractions.Pipes.Pipe.DefaultMessageHandler(BinaryReader reader, BinaryWriter writer, Func2 callback)
at Abstractions.Pipes.Pipe.HandlePipeConnection(BinaryReader reader, BinaryWriter writer, IDictionary`2 initialMessage)
at Abstractions.Pipes.PipeServer.ServerThread()

Is there a need to let Local Machine process all those groups again?
SyncToLocalUser()
It takes 40 sec to to that ....

To your problem
pGina.Plugin.WPMC.WpmcPlugin is called every time you log on
but not if you are unlock a session
Thats the way it should be
look

[maheshmadhyastha7]

The problem is pGina.Plugin.WPMC.WpmcPlugin is not invoked when user logs off and login.
Also , 2020-02-17 07:36:52,900 [2268|22|ERROR] Abstractions: Error while trying to open pipe server: System.IO.IOException: Pipe is broken, do you think is it because of some group policy which blocks it by any chance.

[MutonUfoAI]

In your example you lock and unlock the user

2020-02-17 07:47:32,311 [2268|6|INFO ] pGina.Service.Impl: SessionChange:5 7
2020-02-17 07:47:32,313 [2268|45|INFO ] pGina.Service.Impl: SessionChange: 5 -> SessionLock
2020-02-17 07:47:32,454 [2268|6|INFO ] pGina.Service.Impl: SessionChange:5 4
2020-02-17 07:47:32,456 [2268|43|INFO ] pGina.Service.Impl: SessionChange: 5 -> RemoteDisconnect
2020-02-17 07:47:32,544 [2268|6|INFO ] pGina.Service.Impl: SessionChange:6 4
2020-02-17 07:47:32,546 [2268|37|INFO ] pGina.Service.Impl: SessionChange: 6 -> RemoteDisconnect
2020-02-17 07:47:32,767 [2268|6|INFO ] pGina.Service.Impl: SessionChange:5 3
2020-02-17 07:47:32,770 [2268|39|INFO ] pGina.Service.Impl: SessionChange: 5 -> RemoteConnect
2020-02-17 07:47:32,862 [2268|6|INFO ] pGina.Service.Impl: SessionChange:5 8
2020-02-17 07:47:32,865 [2268|37|INFO ] pGina.Service.Impl: SessionChange: 5 -> SessionUnlock

and the pipe error always occurs during a remotedisconnect while logging on. So no harm is done.