hi, I have various versionof UltraVNC running in a domain environment with MSLogon enabled on all workstations.
I have an AD group for IT users so they can authenticate to user workstations.
On some workstation an IT users get Authentication Failed when they attempt to VNC into users workstations.
Myself and another tech can, under the IT users domain login, VNC into a target workstation and authenticate with OUR AD credentials without issue.
So, the VNC viewer works and can connect to the target workstation.
I verified that the IT users being rejected are in fact in the MSLogon AD group, and the target workstation
has that group listed in the MSLogon ACL, with Domain checked.
Any ideas?
thanks
paolo
After more 1 000 000 (one million) views on forum for 1.5.0.x development versions... and 1.6.0.0 version
A new stable version, UltraVNC 1.6.1.0 and UltraVNC SC 1.6.1.0 have been released: https://forum.uvnc.com/viewtopic.php?t=38080
Feedback is welcome
Celebrating the 22th anniversary of the UltraVNC (25th anniversary since the laying of the foundation stone): https://forum.uvnc.com/viewtopic.php?t=38031
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Forum password change request: https://forum.uvnc.com/viewtopic.php?t=38078
Development: UltraVNC development is always here... Any help is welcome.
A new development version, UltraVNC 1.6.3.0-dev has been released, please test it: https://forum.uvnc.com/viewtopic.php?t=38091
Feedback is welcome
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
A new stable version, UltraVNC 1.6.1.0 and UltraVNC SC 1.6.1.0 have been released: https://forum.uvnc.com/viewtopic.php?t=38080
Feedback is welcome
Celebrating the 22th anniversary of the UltraVNC (25th anniversary since the laying of the foundation stone): https://forum.uvnc.com/viewtopic.php?t=38031
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864
Forum password change request: https://forum.uvnc.com/viewtopic.php?t=38078
Development: UltraVNC development is always here... Any help is welcome.
A new development version, UltraVNC 1.6.3.0-dev has been released, please test it: https://forum.uvnc.com/viewtopic.php?t=38091
Feedback is welcome
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
MSLogon can't authenticate some users on same AD group
-
Rudi De Vos
- Admin & Developer
- Posts: 6951
- Joined: 2004-04-23 10:21
- Contact:
Re: MSLogon can't authenticate some users on same AD group
What do you get when you run testauth.exe on workstations with auth failed.
UltraVNC links (join us on social networks):
- Website: https://uvnc.com/
- Forum: https://forum.uvnc.com/
- GitHub sourcecode: https://github.com/ultravnc/UltraVNC
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
- uvnc2me: https://uvnc2me.com/
- Website: https://uvnc.com/
- Forum: https://forum.uvnc.com/
- GitHub sourcecode: https://github.com/ultravnc/UltraVNC
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
- uvnc2me: https://uvnc2me.com/
Re: MSLogon can't authenticate some users on same AD group
I got this:
C:\Programmi\uvnc bvba\UltraVNC>testauth.exe
Enter user name : gabriele
Enter password : ********
Enter group : EDPIP
loc=1 dom=3 local+domain=3 : 3
Trying authlogonuser.dll
This only works on XP>
test is runnning as application and not a service
------------------------
------------------------
authlogonuser.dll not foundbased on authlogonuser.dll user has NO access
Trying auth.dll
------------------------
------------------------
auth.dll not foundbased on auth.dll user has NO access
Trying authaddll
------------------------
------------------------
authad.dll not foundbased on authad.dll user has NO access
Trying ldapauth .dll
------------------------
------------------------
LDAP://rootDSE
LDAP://DC=ip,DC=loc
ADsPath: LDAP://CN=Gabriele,CN=Users,DC=ip,DC=loc
ADsPath: LDAP://CN=EDPIP,CN=Users,DC=ip,DC=loc
Group found OK
Object
LDAP://CN=Gabriele,CN=Users,DC=ip,DC=loc
IS a member of the following Group:
LDAP://CN=EDPIP,CN=Users,DC=ip,DC=loc
based on ldapauth.dll user has access Enter to quit
when I run testauth with my user (one that work), I got this:
C:\Programmi\uvnc bvba\UltraVNC>testauth.exe
Enter user name : paolo
Enter password : ********
Enter group : EDPIP
loc=1 dom=3 local+domain=3 : 3
Trying authlogonuser.dll
This only works on XP>
test is runnning as application and not a service
------------------------
------------------------
authlogonuser.dll not foundbased on authlogonuser.dll user has NO access
Trying auth.dll
------------------------
------------------------
auth.dll not foundbased on auth.dll user has NO access
Trying authaddll
------------------------
------------------------
authad.dll not foundbased on authad.dll user has NO access
Trying ldapauth .dll
------------------------
------------------------
LDAP://rootDSE
LDAP://DC=ip,DC=loc
ADsPath: LDAP://CN=Paolo,CN=Users,DC=ip,DC=loc
ADsPath: LDAP://CN=EDPIP,CN=Users,DC=ip,DC=loc
Group found OK
////////////////////////////////////////////////////
Checking the Group:
LDAP://CN=EDPIP,CN=Users,DC=ip,DC=loc
for the member:
LDAP://CN=Paolo,CN=Users,DC=ip,DC=loc
////////////////////////////////////////////////////
Comparing:
{AE5ED752-7DCD-41F8-869C-DACDBF318C69}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{A6C51F28-86F7-40A3-BB26-856EC93C5C7D}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{0D669D5A-72B5-48E7-B4F6-DEDFBD647732}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{5D88448C-8779-484E-942C-D9230BC76291}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{5F6AD8C2-1E1B-4FCF-9D15-8C9CDC3CBA1B}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{6A60E76F-9913-4D92-A87F-BCDBBC997252}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{CE1B812F-14C7-4FEF-AE7B-0DA44761F8C5}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{CFC7D496-A638-4264-8451-951C762BF2AD}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{BB5F3449-A2E7-4054-96B5-F73DAB0E9653}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{1DF6B3B4-496E-4300-9B91-BB9424A60C55}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{F96EDD7A-3AC5-434E-8451-0D52AB898B9E}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{E270E24D-1262-4468-A00C-D2C6A5843C6C}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{98B66050-A7B7-4661-9D93-68A83461B790}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{D763CCD9-0834-476A-9CF2-222CE426F691}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{234A462B-FC7B-4E3D-8845-F2779B20C45D}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
USER not found in group
based on ldapauth.dll user has NO access Enter to quit
thanks a lot
C:\Programmi\uvnc bvba\UltraVNC>testauth.exe
Enter user name : gabriele
Enter password : ********
Enter group : EDPIP
loc=1 dom=3 local+domain=3 : 3
Trying authlogonuser.dll
This only works on XP>
test is runnning as application and not a service
------------------------
------------------------
authlogonuser.dll not foundbased on authlogonuser.dll user has NO access
Trying auth.dll
------------------------
------------------------
auth.dll not foundbased on auth.dll user has NO access
Trying authaddll
------------------------
------------------------
authad.dll not foundbased on authad.dll user has NO access
Trying ldapauth .dll
------------------------
------------------------
LDAP://rootDSE
LDAP://DC=ip,DC=loc
ADsPath: LDAP://CN=Gabriele,CN=Users,DC=ip,DC=loc
ADsPath: LDAP://CN=EDPIP,CN=Users,DC=ip,DC=loc
Group found OK
Object
LDAP://CN=Gabriele,CN=Users,DC=ip,DC=loc
IS a member of the following Group:
LDAP://CN=EDPIP,CN=Users,DC=ip,DC=loc
based on ldapauth.dll user has access Enter to quit
when I run testauth with my user (one that work), I got this:
C:\Programmi\uvnc bvba\UltraVNC>testauth.exe
Enter user name : paolo
Enter password : ********
Enter group : EDPIP
loc=1 dom=3 local+domain=3 : 3
Trying authlogonuser.dll
This only works on XP>
test is runnning as application and not a service
------------------------
------------------------
authlogonuser.dll not foundbased on authlogonuser.dll user has NO access
Trying auth.dll
------------------------
------------------------
auth.dll not foundbased on auth.dll user has NO access
Trying authaddll
------------------------
------------------------
authad.dll not foundbased on authad.dll user has NO access
Trying ldapauth .dll
------------------------
------------------------
LDAP://rootDSE
LDAP://DC=ip,DC=loc
ADsPath: LDAP://CN=Paolo,CN=Users,DC=ip,DC=loc
ADsPath: LDAP://CN=EDPIP,CN=Users,DC=ip,DC=loc
Group found OK
////////////////////////////////////////////////////
Checking the Group:
LDAP://CN=EDPIP,CN=Users,DC=ip,DC=loc
for the member:
LDAP://CN=Paolo,CN=Users,DC=ip,DC=loc
////////////////////////////////////////////////////
Comparing:
{AE5ED752-7DCD-41F8-869C-DACDBF318C69}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{A6C51F28-86F7-40A3-BB26-856EC93C5C7D}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{0D669D5A-72B5-48E7-B4F6-DEDFBD647732}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{5D88448C-8779-484E-942C-D9230BC76291}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{5F6AD8C2-1E1B-4FCF-9D15-8C9CDC3CBA1B}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{6A60E76F-9913-4D92-A87F-BCDBBC997252}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{CE1B812F-14C7-4FEF-AE7B-0DA44761F8C5}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{CFC7D496-A638-4264-8451-951C762BF2AD}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{BB5F3449-A2E7-4054-96B5-F73DAB0E9653}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{1DF6B3B4-496E-4300-9B91-BB9424A60C55}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{F96EDD7A-3AC5-434E-8451-0D52AB898B9E}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{E270E24D-1262-4468-A00C-D2C6A5843C6C}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{98B66050-A7B7-4661-9D93-68A83461B790}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{D763CCD9-0834-476A-9CF2-222CE426F691}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
Comparing:
{234A462B-FC7B-4E3D-8845-F2779B20C45D}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}
USER not found in group
based on ldapauth.dll user has NO access Enter to quit
thanks a lot