From bc8ffb53f70352fbe015e39b2a726180917f5544 Mon Sep 17 00:00:00 2001 From: Justinha Date: Tue, 24 Jan 2017 10:33:51 -0800 Subject: [PATCH] changed references WinInit.exe to WinInet --- ...o-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/keep-secure/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md b/windows/keep-secure/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md index fd0aadca6c..a47a3fcb64 100644 --- a/windows/keep-secure/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md +++ b/windows/keep-secure/how-to-use-single-sign-on-sso-over-vpn-and-wi-fi-connections.md @@ -26,10 +26,10 @@ The credentials are put in Credential Manager as a "`*Session`" credential. A "`*Session`" credential implies that it is valid for the current user session. The credentials are also cleaned up when the WiFi or VPN connection is disconnected. -When the user tries to access a domain resource, using Edge for example, Edge has the right Enterprise Authentication capability so WinInit.exe can release the credentials that it gets from the Credential Manager to the SSP that is requesting it. +When the user tries to access a domain resource, using Edge for example, Edge has the right Enterprise Authentication capability so [WinInet](https://msdn.microsoft.com/library/windows/desktop/aa385483.aspx) can release the credentials that it gets from the Credential Manager to the SSP that is requesting it. For more information about the Enterprise Authentication capability, see [App capability declarations](https://msdn.microsoft.com/windows/uwp/packaging/app-capability-declarations). -The local security authority will look at the device application, such as a Universal Windows Platform (UWP) application, to see if it has the right capability. +WinInet will look at the device application, such as a Universal Windows Platform (UWP) application, to see if it has the right capability. If the app is not UWP, it does not matter. But if it is a UWP app, it will look at the device capability for Enterprise Authentication. If it does have that capability and if the resource that you are trying to access is in the Intranet zone in the Internet Options (ZoneMap), then the credential will be released.