XP single sign-on applications fail on Windows 7

ChangeBase, a company specialising in application compatibility testing, said a wide range of applications would not work under Windows 7.

They include biometric devices, smart card authentication and virtual private network for remote user authentication.

Users attempting to migrate from Windows XP to Windows 7 will need to update their single sign-on applications, said Greg Lambert, technology director.

The problem follows a change in the Microsoft authentication component, orginally introduced in Windows Vista. Windows Vista has gained little traction in business, making the problem a non-issue for most organisations until now.

But Microsoft plans to use the technlogy to provide user authentication on future Windows operating systems, including Windows 7 and Windows 2008 Release 2.

Microsoft has confirmed the problem on its Microsoft Developer Network blog. It explains that Microsoft has replaced The Graphical Identification and Authentication (GINA) component from Windows XP with two components, LogonUI and WinLogon.

"The user will not be able to successfully install custom logon applications," Microsoft says. "The user will not be able to log on using custom logon applications using the Windows XP technology."

The popular iPass virtual network product is one of the technologies affected.

Matt Cooke, senior product marketing manager at iPass, says, "GINA is one of the configurations people can use [on iPass] for single sign-on. There are a few tweaks we have to make with Windows 7 to address incompatibility. We will have a beta release of iPass for Windows 7 from October."

But as Matt Cooke notes, some of the other changes Microsoft has made might make it easier for his company in the future. "The Windows 7 Direct Access VPN feature supports the NDIS device driver standard for network cards, which will make it easier for us to support mobile broadband."

Microsoft has made changes to its authentication component to simplify how applications run single sign-on. In the long run, applications should run better, but in the short term, businesses could face difficulties porting their existing authentication applications to Windows 7.

This article was first published by Computer Weekly

What’s hot on Infosecurity Magazine?