Vista Forums - View Single Post - Unable to backup stored logon credentials

12-17-2006

Hi Chad,

Many thanks for taking the time.

Unfortunately, no joy. SFC found no integrity violations.

V64 is installed on an NTFS partition (Intel Matrix RAID 1). I have
UAC disabled (doesn't everyone?). What I'm confused about is what
"device" is it complaining about? I'd look in the event viewer, except
it's now a nightmare in Vista there's so many logs and sections!

All I'm trying to do is create abackup of all the stored passwords. I
have around 15 RDP connections to other systems and I've stored all
the credentials into the key manager. I don't really want to lose
these when I reinstall (which I'm expecting to do frequently over the
next month or so as part of our evaluation).

If I could identify what device it was complaining about then it might
be a start. I've tried backing up to the C: drive and my USB flash
drive (J

. Any ideas how I would diagnose this? I can't imagine why
it would be looking for a device, other than the destination. The
message appears instantly, as soon as I have entered my password and
clicked to proceed.

My machine is standalone, not on a domain.

Cheers,

Jim

..On Sun, 17 Dec 2006 12:43:06 -0500, "Chad Harris"
<msftneedstogetoutvistainfo.net> wrote:

>Jim--
>
>Mine works and has all builds. It sounds as if simply a .dll or file there
>is corrupted. Try running System File checker by typing into an elevated
>cmd prompt sfc/ scannow. Right click cmd and click "run as administrator."
>See if that fixes it.
>
>If it's just backing up the password, I don't know why default behavior
>won't let you do this. I haven't tried to backup the password.
>
>You can always email it to yourself including web based email and then you
>have a backup anytime anywhere.
>
>You can also try to see if you can recover/backup any passwords with this
>utility but I think that the above solution will work for you:
>
>www.nirsoft.net PSPV at www.nirsoft.net/utils/pspv.html and you can also
>check their password utilities here:
>http://www.nirsoft.net/password_recovery_tools.html
>
>
>This may be of some help but I still think it's a file corruption problem.
>
>UAC blog on the Windows login prompt
>http://blogs.msdn.com/uac/archive/20...ame-field.aspx
>
>and I noticed this Jim from Daniel Oliver on the Windows Shell Team who I
>imagine works closely with UAC in integrating security for Windows login at
>the above link:
>
>"Is it possible to get the old default behavior back?
>
>Yes, it is. The behavior is controlled by a Group Policy setting and can be
>configured using gpedit.msc. Once in the MMC snap-in, use the tree control
>to navigate to...
>
>Local Computer Policy -> Computer Configuration -> Administrative
>Templates -> Windows Components -> Credential User Interface -> Enumerate
>administrator accounts on elevation
>
>"Enable this Group Policy setting.
>
>Why did the UAC team make this change?
>
>During enumeration of local machine administrators, the system must contact
>a domain controller (DC). While this enumeration occurred, an indeterminate
>progress bar appeared within the user list region. We received a large
>amount of feedback regarding the long period of time this progress bar took
>to disappear. We analyzed the problem in detail and found users experiencing
>unusually slow performance when the DC was unavailable or slow to respond.
>In order to place the dialog box in front of users as fast as possible, we
>changed the default behavior. Speed.
>
>How do I change the domain field?
>
>By default, the Password Provider will pre-append the domain (or machine
>name in the workgroup case) to serialized credentials. The uneditable string
>below the password field indicates the domain (or machine name) that will be
>used. To specify a different domain, it must be entered in the user name
>field. The correct format is domain\username or username@domain. The domain
>field will update automatically. This is the same convention used during
>logon.
>
>How does this Group Policy setting function on workgroup machines?
>
>Enumerate administrator accounts on elevation has a slightly different
>meaning on workgroup machines. By default (that is, the setting has been
>neither enabled nor disabled), the Password Provider will list all local
>administrators on the machine. When enabled or disabled, this policy behaves
>exactly the same as in the domain-joined scenario.
>
>How does this Group Policy setting affect other credential providers?
>
>The Microsoft Smart Card Provider is not affected at all by this change. We
>recommended credential providers written by ISVs respect the settings in
>Group Policy."
>
>-- Daniel Oliver
>
>Windows Shell Team
>
>Published Thursday, October 12, 2006 7:24 AM by User Account Control Team
>
>
>Also check on other interesting security references:
>
>http://blogs.msdn.com/windowsvistasecurity/
>
>http://blogs.technet.com/steriley/
>
>Why administrative passwords will never be like nuclear missile launchers
>http://blogs.technet.com/steriley/ar...launchers.aspx
>
>CH
>
>"Jim" <jim@nospam.com> wrote in message
>news:7hlao251o9bdaausauvm5d4j89llji16rv@4ax.com...
>> Vista x64 RTM
>>
>> Control Panel, User Accounts, Manage your network passwords, Backup
>>
>> I'm prompted for a lcoation (C:\X.crd) and I'm then prompted to press
>> Ctrt+Alt+Delete. I then enter a password.
>>
>> I've then shown a screen "A device attached to your system is not
>> functioning".
>>
>> I've tried backing up to different locations, but I always get the
>> same message.
>>
>> Can anyone else get this to work?
>>
>>
>> Many thanks,
>>
>>
>>
>> Jim

12-17-2006	#3 (permalink)
Jim n/a posts	Re: Unable to backup stored logon credentials - anyone else? Hi Chad, Many thanks for taking the time. Unfortunately, no joy. SFC found no integrity violations. V64 is installed on an NTFS partition (Intel Matrix RAID 1). I have UAC disabled (doesn't everyone?). What I'm confused about is what "device" is it complaining about? I'd look in the event viewer, except it's now a nightmare in Vista there's so many logs and sections! All I'm trying to do is create abackup of all the stored passwords. I have around 15 RDP connections to other systems and I've stored all the credentials into the key manager. I don't really want to lose these when I reinstall (which I'm expecting to do frequently over the next month or so as part of our evaluation). If I could identify what device it was complaining about then it might be a start. I've tried backing up to the C: drive and my USB flash drive (J. Any ideas how I would diagnose this? I can't imagine why it would be looking for a device, other than the destination. The message appears instantly, as soon as I have entered my password and clicked to proceed. My machine is standalone, not on a domain. Cheers, Jim ..On Sun, 17 Dec 2006 12:43:06 -0500, "Chad Harris" <msftneedstogetoutvistainfo.net> wrote: >Jim-- > >Mine works and has all builds. It sounds as if simply a .dll or file there >is corrupted. Try running System File checker by typing into an elevated >cmd prompt sfc/ scannow. Right click cmd and click "run as administrator." >See if that fixes it. > >If it's just backing up the password, I don't know why default behavior >won't let you do this. I haven't tried to backup the password. > >You can always email it to yourself including web based email and then you >have a backup anytime anywhere. > >You can also try to see if you can recover/backup any passwords with this >utility but I think that the above solution will work for you: > >www.nirsoft.net PSPV at www.nirsoft.net/utils/pspv.html and you can also >check their password utilities here: >http://www.nirsoft.net/password_recovery_tools.html > > >This may be of some help but I still think it's a file corruption problem. > >UAC blog on the Windows login prompt >http://blogs.msdn.com/uac/archive/20...ame-field.aspx > >and I noticed this Jim from Daniel Oliver on the Windows Shell Team who I >imagine works closely with UAC in integrating security for Windows login at >the above link: > >"Is it possible to get the old default behavior back? > >Yes, it is. The behavior is controlled by a Group Policy setting and can be >configured using gpedit.msc. Once in the MMC snap-in, use the tree control >to navigate to... > >Local Computer Policy -> Computer Configuration -> Administrative >Templates -> Windows Components -> Credential User Interface -> Enumerate >administrator accounts on elevation > >"Enable this Group Policy setting. > >Why did the UAC team make this change? > >During enumeration of local machine administrators, the system must contact >a domain controller (DC). While this enumeration occurred, an indeterminate >progress bar appeared within the user list region. We received a large >amount of feedback regarding the long period of time this progress bar took >to disappear. We analyzed the problem in detail and found users experiencing >unusually slow performance when the DC was unavailable or slow to respond. >In order to place the dialog box in front of users as fast as possible, we >changed the default behavior. Speed. > >How do I change the domain field? > >By default, the Password Provider will pre-append the domain (or machine >name in the workgroup case) to serialized credentials. The uneditable string >below the password field indicates the domain (or machine name) that will be >used. To specify a different domain, it must be entered in the user name >field. The correct format is domain\username or username@domain. The domain >field will update automatically. This is the same convention used during >logon. > >How does this Group Policy setting function on workgroup machines? > >Enumerate administrator accounts on elevation has a slightly different >meaning on workgroup machines. By default (that is, the setting has been >neither enabled nor disabled), the Password Provider will list all local >administrators on the machine. When enabled or disabled, this policy behaves >exactly the same as in the domain-joined scenario. > >How does this Group Policy setting affect other credential providers? > >The Microsoft Smart Card Provider is not affected at all by this change. We >recommended credential providers written by ISVs respect the settings in >Group Policy." > >-- Daniel Oliver > >Windows Shell Team > >Published Thursday, October 12, 2006 7:24 AM by User Account Control Team > > >Also check on other interesting security references: > >http://blogs.msdn.com/windowsvistasecurity/ > >http://blogs.technet.com/steriley/ > >Why administrative passwords will never be like nuclear missile launchers >http://blogs.technet.com/steriley/ar...launchers.aspx > >CH > >"Jim" <jim@nospam.com> wrote in message >news:7hlao251o9bdaausauvm5d4j89llji16rv@4ax.com... >> Vista x64 RTM >> >> Control Panel, User Accounts, Manage your network passwords, Backup >> >> I'm prompted for a lcoation (C:\X.crd) and I'm then prompted to press >> Ctrt+Alt+Delete. I then enter a password. >> >> I've then shown a screen "A device attached to your system is not >> functioning". >> >> I've tried backing up to different locations, but I always get the >> same message. >> >> Can anyone else get this to work? >> >> >> Many thanks, >> >> >> >> Jim
My System Specs