Login script causes user to hang on second login

[martimarkov]

1. I uninstalled pGina 3.9.9.10

2. Rebooted

3. Removed the registry settings

4. Installed pGina 3.9.9.11

5. Rebooted

6. Login with pgina user

7. Logout

8. Login with pgina user

9. Logout

10. Login with local machine user

11. Configured the login script step to execute a PowerShell script: powershell.exe -executionpolicy bypass -file C:\webdavMonitor.ps1 -password %p > C:\Logs\mount_log.txt

12. Logout

13. Login with pgina user (script not working but I can debug with a few tries as this is not the problem i think; thou the script does have an infinite loop inside; )

14. Logout

15. Login with local machine user

16. No processes or sessions are active from previous pgina user

17. Logout

18. Login with pgina user

19. The screen hangs on "You will be logged in. Please wait ..." The cancel button is not responsive.

20. The only solution is to reboot the machine. I can't attach the log as I'm not physically next to the machine.

I have the default scripts enabled thought the testing and they seem to behave fine.

[MutonUfoAI]

The log is mandatory to solve this issue.

[martimarkov]

pGina.Service.ServiceHost_log.txt
pGina.Configuration_log.txt
pGina.InstallUtil_log.txt

Here are all logs.

company_name is the name of the machine user (admin) and also the name of the company as the domain name
pgina_user_account is the name of the pgina/ldap user

[MutonUfoAI]

updated the doc
4e75f66
http://mutonufoai.github.io/pgina/documentation/plugins/scripting.html

[martimarkov]

I'm guessing this is a changed behavior. Out of curiosity: Why/what was the reason? :)

[MutonUfoAI]

Nothing has changed
It works's that way

[martimarkov]

Well, it did work without a problem in the previous .10 release. Also maybe there should be a timeout, instead of having to reboot the machine. Also the cancel button is non responsive.

[martimarkov]

Is there a way for the script to be visible? To check what is going inside?

[martimarkov]

Another piece of info. I'm now getting a message saying that a program was started not by pgina and therefore the user cannot login. I'm using this as a logon script: cmd.exe /c start ”” /i powershell.exe ....

[martimarkov]

Ok, so at the very least this script runs in some different session. I have mounted a webdav drive and the powershell script can list the directory but i can't access it as the user. This was definitely not the case in the previous version.

[MutonUfoAI]

If your script is mounting the webdav folder as a different user than only this user is able to use it.
If you only need to mount a webdav folder, why not use net use ?

[martimarkov]

Inside the script net use is used and then does some other thing after the mount. The script runs as the current user. Again the problem here is not the script as it worked before but rather changed behaviour in the new release.

[MutonUfoAI]

I've verified the plugin and its working properly
Add your script @ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
or @ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
and test it ...........

[martimarkov]

Thanks, will do tonight and report.

[martimarkov]

Just tried it by putting the script inside C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup and it works. Anything other you can think of I can test?

I do think it is the way the invoke function was changed as previously it was running: StartUserProcessInSessionWait and the userToken there is probably different than hToken the one in StartProcessAsUserWait. We are getting it from different functions:

This seems like the only difference in the logic between the versions.

[MutonUfoAI]

I'm using StartUserProcessInSessionWait() now for user logon scripts
and only logoff user script are using StartProcessAsUserWait()
Test it with this version .....
pGinaSetup-3.9.9.11.zip

[martimarkov]

Just tested it. It works.