Hi afrika1,
I don't think your different requirements do necessarily follow from each other.
The Windows Credential Providers sit in Session 0, and gets called by the authentication sub-system. You might be able to write one to modify the look and feel of the logon screen (I'm straying into an area I'm rather unfamiliar with), but you wouldn't use it for tracking what processes a user is running, or for preventing them from running any.
It sounds as if you want:
1) Customisation of the logon screen
2) Clamp down of what users can run and/or access when they are logged on
3) Auditing of what the users are doing when they are logged on.
I think in fact you should be able to do all of these without any coding, but maybe with optionally getting some third party products.
I'm afraid I'm no expert on these, but here are some ideas:
1) The Windows Logon screen is "brandable" - background screen, and from Windows 7 even the logo. (See, e.g.
http://www.addictivetips.com/windows-tips/how-to-change-windows-7-logon-branding/[
^])
Search the web for "Windows Credential Providers", "Customise Windows Logon", etc.
2) You should look into the myriad of options there are for clamping down Windows. E.g. you can prevent Task Manager from being run, or prevent certain actions from being carried out in it (such as shutdown, etc); prevent access to the desktop properties; remove access to the run command, etc, etc. They're all built in to windows.
For full control, you might want some third party software to prevent certain applications from running (you may even be able to do it with your anti-virus software) - or more to the point, only allow certain applications to run.
If you are using Group Policy on your system, you can set that to limit what applications can be run:
http://msdn.microsoft.com/en-us/library/ms811966.aspx[
^]
3) As for auditing, Windows has some built in (for some info see
http://social.technet.microsoft.com/wiki/contents/articles/325.advanced-security-auditing-in-windows-7-and-windows-server-2008-r2.aspx[
^]) but there are also COTS products available.
I hope that helps some.
Furthermore, if you only want to allow users to be able to browse the internet, there is a university library near me that has public access computers where the user can literally only use Internet Explorer. If they close it, the screen is blank, and a new session of IE starts. Not sure of the settings required for that, but shows that it can be done. Perhaps some more research is required.
Sorry if it's not useful - having never used a Cyber Café, I don't entirely know what you are wanting to do.
Regards,
Ian.