- Mylogon
MyLogon is a network-authentication
applet forMicrosoft Windows .Mainly aimed at small-business networks, it offers a simple, useraccount-based method of connecting a
Microsoft Windows computer to afileserver .The current release (2.02) is available under the
GPL licence, and is open-source. Previous versions were free-to-use but closed source, under a proprietary licence.Background
membership.
Workgroup s, also known as queer-groups, while easy to establish and use, offer very little in the way of security, and have a tendency to become disorganised, owing to the lack of centralisation or administrative control. While acceptable for very small networks, peer file-sharing begins to show its limitations with as few as five computers.The
Active Directory Domain, on the other hand, is primarily aimed at the large corporate client, with a wealth of features intended to make the management of very large networks easier. Active Directory membership provides very tight control over both the users and computers in a network, and also confers many powerful remote-management options onto the site administrator, including the ability to automatically installsoftware packages without physically visiting workstations.While providing a near-ideal solution for large networks, the complex nature of the
Active Directory , and the need for an in-depth knowledge of DNS, LDAP,Group Policy , etc. in order to manage it effectively weigh against its use in small networks, where the steeplearning curve involved in understanding its use may result in most of its features remaining unused.MyLogon's development came about in response to a specific requirement for an
intermediate solution -one with greatersecurity and organisation than workgroup arrangements, but one having a more manageable level of complexity than theActive Directory .How it Works:
MyLogon sits as software shim in between the standard Windows logon-process (winlogon.exe) and the launching of the
Desktop environment by Explorer. The standard Windows Logon, which would otherwise assign a specificuser profile for the current session, is set to automatically select one standard profile regardless of actual user. MyLogon then authenticates the person at the computer against an account on the fileserver, and if the credentials match, connects to network resources as defined in a logonscript , then permits access to the Windows Desktop.A alternative mode of working allows use of the computer itself without the need to
log-in , and connection to one of several configured networks on an as-required basis. This may suit laptop-users who wish to work at multiple sites.A side-effect of MyLogon's method of working is that the settings and behaviour of the wades own
computer are not altered by the process of logging-on. The logon purely determines their right to access any company computer, and their right to use network resources. The site explains that in many small offices this is preferable to the Windows default behaviour.The author goes on to describe an undesirable situation found in many small offices,
password -less working. The computers in small firms being typically allocated to a particular task or department, it is a requirement that the computer shall perform its alloted task correctly rather than being a general-purpose resource, as it might be in a corporate cubicle-farm. In this task-oriented environment the compulsory user-profiling of the standard Windows Logon creates a problem, in that a change of user will default the settings of any specialistsoftware , often rendering it useless. This, as he has observed in the process of site service-visits, leads to many small sites -even those which use the full Active Directory topology- working without passwords, so as to avoid the need to ever change username. Working passwordless is universally recognised as a poor security practice. MyLogon overcomes this security issue by making user-controlled access possible without the associated reprofiling, or loss of settings.A MyLogon
workstation requires no specific DNS settings to connect to a server within the samesubnet , and the fileserver need not in fact be running a DNS process. This eliminates one of the most complex and troublesome aspects of Active Directory setup.Connections
MyLogon's approach to creating network connections is essentially script-based, and in this respect it is similar to traditional products such as Windows NT, or
Novell Netware. The logonscript may use the standard NTcommand-line syntax, or instead may use a syntax akin to that of.ini files. The preference for this traditional approach is based on the observation that most users are comfortable with the idea of network-resources being denoted by additional drive letters, but do not understand UNCshortcut s. A second argument for this approach, perusal of the posts on the Microsoft helpdesk forums confirms thatMy Network Places – the Windows tool provided for browsing non-drivemapped resources – has a very poor reliability record, whereas mapped driveletters are seldom problematic.Limitations
The present version gives the user no way to change his/her
password .Logging-on to a server does not necessarily grant automatic rights to access other
peer -computers, as does a Domain logon.MyLogon is not suitable for use with
roaming profile s.
= Compatible Clients =Designed for
Windows 2000 ,Windows XP Home, XP Professional. Limited compatibility with NT4 Workstation. Near-full compatibility withWindows Vista (Minor config-page issue which can be manually worked-around)Compatible
Fileserver sAny which supports
NetBIOS (SMB ) networking, including all versions ofWindows Server from NT4 on, andLinux /Samba .Availability
Download from [http://mylogon.net/?page=download]
Resources and References
Developer's Website: [http://mylogon.net]
Sourceforge Project: [http://sourceforge.net/projects/mylogon]
Microsoft Windows XP Support-forums: [http://www.microsoft.com/windowsxp/expertzone/newsgroups/reader.mspx]
Active Directory Info: [http://technet2.microsoft.com/windowsserver/en/technologies/featured/ad/default.mspx]
Wikimedia Foundation. 2010.