I know from XP machines, that when enabling "Require Endpoint Encryption re-logon", a Windows user has to authenticate against the EEPC GINA instead of MSGINA.
Using Tokens, this gives the benefit of being able to use the Token to log in.
Now in Windows 7 this feature does NOT display the EEPC GINA, but a user can still use his Token to authenticate, as if the EEPC GINA was there.
Is this the way it is supposed to be?
And by the way...
has at some point in time the option "Endpoint Encryption logon component always active" had any changes to it?
In this case disabling it does not affect the GINA on the client; neither on XP nor 7.
W7 does not use a GINA (neither does Vista), so you won't ever see a GINA window - it's completely different.
also the option "Always active" makes no sense on Vista and W7 for this same reason.
Vista introduced something called "Credential Providers" to replace GINA modules - it's worth reading up on how they differ architecturally if you're interested.
Thanks for your reply.
I was aware of the use of credential providers in Vista and 7, though I didn't mention it anywhere above. Sorry.
Ok, now I understand why the "always active" option won't do anything on 7 machines.
Do the other options still work?