Skip to content

Enterprise Mobility + Security

Weeks ago I blogged about how single sign on and credential providers work and a scenario you can run into with them. One reader faced a slightly different scenario but was able to apply that topic toward getting his issue resolved.

He had installed a credential provider for testing purposes. Unfortunately, once the credential provider was installed he was unable to logon at all. In his case he knew what the problem generally was-the provider he was testing-but initially wasn’t certain how to remove it since he couldn’t successfully logon to the computer. Some folks are probably thinking ‘hey, what about Safe Mode?’. Unfortunately, Safe Mode will not allow uninstalls since the Installer Service is not running.

You can disable a 3rd-party credential provider in the registry without deleting credential provider key. Each provider on the system is specified by a subkey whose name is the provider’s CLSID under HKLMSoftwareMicrosoftWindowsCurrentVersionAuthenticationCredential Providers.

To disable the provider add a REG_DWORD value “Disabled“=1 to that provider’s CLSID subkey. The provider will be disabled on the next session creation (sessions are created when you log off, switch users, or reboot.

The above can be done by remotely connecting to the target computers registry using the Regedit.exe FileàConnect To Network Registry option. Alternatively, you can reboot into Safe Mode to do your registry editing. As mentioned above, in Safe Mode LogonUI will only load the built-in username/password provider.

Special thanks to Don Woeltje from the College of St. Catherine for relaying his experience.