Microsoft KB Archive/933810

= The NTLM credentials of an account become invalid after you enable or disable KITL during the startup of an x86-based device that is running Windows CE =

Article ID: 933810

Article Last Modified on 4/27/2007

-

APPLIES TO


 * Microsoft Windows CE 5.0
 * Windows Embedded CE 6.0

-





SYMPTOMS
Consider the following scenario. You have an x86-based device that is running Microsoft Windows CE. You enable or disable Kernel Independent Transport Layer (KITL) during the startup of the device. You create a new account by using the NTLMSetUserInfo API on the device. You store the NTLM credentials of the account by using persistent registry. You change the KITL setting during the next startup of the device. In this scenario, the NTLM credentials of the account become invalid.



CAUSE
The implementation of the IOCTL_HAL_GET_DEVICEID input/output control (IOCTL) must be unique for every Windows CE device. In an x86-based Board Support Package (BSP), the default implementation of the IOCTL_HAL_GET_DEVICEID IOCTL returns different BOOTME names according to the KITL setting. The device ID changes depending on whether KITL is enabled. Therefore, NTLM creates a different hash for the password of the account, depending on the device ID.



RESOLUTION
To resolve this problem, change the default implementation of the OALKitlCreateName function. After you change the default implementation of the OALKitlCreateName function, the OALKitlCreateName function copies the BOOTME name into the szDeviceName parameter. Therefore, the device ID does not change, regardless of whether KITL is enabled.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.

Keywords: kbexpertisebeginner kbfix kbhotfixserver kbqfe kbpubtypekc KB933810

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.