Celebrating the 22th anniversary of the UltraVNC: https://forum.uvnc.com/viewtopic.php?t=38031
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: https://forum.uvnc.com/viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: https://forum.uvnc.com/viewtopic.php?t=37864

Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Bluesky/AT Protocol: https://bsky.app/profile/ultravnc.bsky.social
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://x.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc

per-user non-windows passwords

Any features you would like to see in UltraVNC? Propose it here
Post Reply
geneg
Posts: 3
Joined: 2006-08-30 16:58

per-user non-windows passwords

Post by geneg »

Hi

I would like to figure out either if the following feature exists, or how to modify UltraVNC to add it. I need to support access by a variety of users to my machine for a limited time. I would like to create session tokens for each user and to control the validity of the token. Once the token expires, that user is denied access. Users need not have Windows Domain accounts. I wasn't able to find any documentation on such a feature.

Conceptually, I was thinking that a clean way to implement this is as follows:
1. Use some authentication process to generate a token for a user and associate with it some access rights (such as a time interval)
2. Distirbute that token to the user to use as a password
3. When the user enters the password, have the issuing authentication process validate it.
4. If valid, substitute a privately-held password (or ms login credentials) and allow login to proceed as currently implemented.
5. In expired or not registered, reject connection.

I looked at the UltraVNC code but was confused about where such a feature could be inserted. It seems like a generalized plug-in solution to this might make sense. It would keep UltraVNC free of particular authentication baggage, but allow custom-tailored solutions to be developed for specific applications.

Any suggestions, hints, or existing implementations would be greatly appreciated.

Thanks for a great product!

Gene
Top
geneg
Posts: 3
Joined: 2006-08-30 16:58

Re: per-user non-windows passwords

Post by geneg »

Did I post this request in the right place? I am a bit underwhelmed by the lack of response or discussion of this idea.

Gene
Top
Marscha
Former moderator
Former moderator
Posts: 464
Joined: 2004-05-14 06:48

Re: per-user non-windows passwords

Post by Marscha »

hmm, maybe it's already implemented...
With MS-Logon (I or II), you don't need a domain account, you can also just use a local computer account for authentication.
So you need to create enough accounts for your users on your machine and configure UltraVNC to use that for authorization.
Top
geneg
Posts: 3
Joined: 2006-08-30 16:58

Re: per-user non-windows passwords

Post by geneg »

Marscha wrote:hmm, maybe it's already implemented...
With MS-Logon (I or II), you don't need a domain account, you can also just use a local computer account for authentication.
So you need to create enough accounts for your users on your machine and configure UltraVNC to use that for authorization.
My problem is two-fold:
1) not all my users are domain users, and
2) I don't want to give everyone access all the time, just at the times of my chosing.

That was the reason I was thinking about plug-in architecture for authentication; it would allow arbtrary application logic to dictate access without burdening the codebase with irrelevant (and special-case) code.

Thanks for the reply,

Gene
Top
Post Reply

Return to “Feature requests”