Authentication Retry

Viewing 8 posts - 1 through 8 (of 8 total)
  • #53683
    CDLane
    Participant
    • Total Post: 15
    • Regular Joe
    • ★★

    Dear All,

    We have an RDS farm running multiple RDSH servers. We have (predominantly) Dell Wyse 3040 devices connecting using a config from our WMS server. If a user uses the wrong password, three attempts are made to connect to a session (I can see them in the Dell Wyse Event Log). Our lockout policy is three strikes and you are locked out for ten minutes. The upshot is if a user gets their password wrong just once, they are locked out.

    How can I stop the 3040 retrying when a password fails?

    Best regards,

    Chris

    #53685
    CDLane
    Participant
    • Total Post: 15
    • Regular Joe
    • ★★

    An update:

    First failure is “NLA CredSSP Authentication failed”

    Second failure is “negotiate failure 5. Will try without SSL. x224 layer connect  failure!”

    Third failure is “negotiate failure 5. x224 layer connect  failure!”

    How do I stop it making attempt 2 and 3?

    #53686
    brian1020
    Participant
    • Total Post: 259
    • Jacked into The Matrix
    • ★★★★★★

    Need more info about your devices, firmware version, INI configuration.

    Do the Windows event logs on the devices they’re authenticating against provide any more details?

    When did this last work? What changed between the time it last worked until it stopped working? (Windows patching, WTOS update, etc.)

    #53690
    CDLane
    Participant
    • Total Post: 15
    • Regular Joe
    • ★★

    Hi Brian,

    Thanks for responding.

    Actually, any device – 8.6._013. Configuration is from WMS.

    The Windows DC logs three 4771 (KRBTGT) in quick succession; all complaining about a bad password.

    I’m not sure it has ever worked. On the odd occasion of an account unlock, it has always been assumed that they had done it wrong 3 times/rested a notepad on the keyboard/been pranked etc.

    #53691
    CDLane
    Participant
    • Total Post: 15
    • Regular Joe
    • ★★

    Update: If I sign on from a normal PC and use MSTSC to connect to the broker farm, purposefully put in the wrong password, only one 4771 event is logged.

    Definitely to do with the Dell Wyse thin clients…
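Added example, not part of any post in this thread: one way to measure the pattern described above from the DC side is to group bad-password 4771 events per user and client address into bursts and flag bursts that reach the three-strike lockout threshold on their own. The CSV layout, the sample rows and the 5-second window are constructed assumptions; `0x18` is the 4771 status for a failed Kerberos pre-authentication (wrong password).

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample: 4771 events exported to CSV (column layout is an assumption).
SAMPLE = """\
TimeCreated,TargetUserName,IpAddress,Status
2024-01-15T09:00:01,jsmith,10.0.5.21,0x18
2024-01-15T09:00:02,jsmith,10.0.5.21,0x18
2024-01-15T09:00:03,jsmith,10.0.5.21,0x18
2024-01-15T09:12:40,adoe,10.0.7.9,0x18
2024-01-15T09:30:10,bkhan,10.0.5.30,0x18
2024-01-15T09:31:55,bkhan,10.0.5.30,0x18
"""

BAD_PASSWORD = "0x18"  # Kerberos pre-authentication failed (wrong password)


def find_bursts(csv_text, window_seconds=5):
    """Group bad-password 4771 events per (user, client IP) into bursts.

    An event within window_seconds of the previous one from the same user
    and client joins that burst; otherwise it starts a new one.
    """
    window = timedelta(seconds=window_seconds)
    rows = []
    for r in csv.DictReader(io.StringIO(csv_text)):
        if r["Status"].strip().lower() == BAD_PASSWORD:
            ts = datetime.fromisoformat(r["TimeCreated"])
            rows.append((r["TargetUserName"].lower(), r["IpAddress"], ts))
    bursts = []
    open_burst = {}  # (user, ip) -> [last timestamp, burst dict]
    for user, ip, ts in sorted(rows):
        state = open_burst.get((user, ip))
        if state and ts - state[0] <= window:
            state[0] = ts
            state[1]["count"] += 1
        else:
            burst = {"user": user, "ip": ip, "first": ts, "count": 1}
            bursts.append(burst)
            open_burst[(user, ip)] = [ts, burst]
    return bursts


def lockout_risk(bursts, threshold=3):
    """Bursts large enough to reach the lockout threshold by themselves."""
    return [b for b in bursts if b["count"] >= threshold]
```

Comparing the client addresses in the flagged bursts against the thin-client address ranges shows how many lockouts come from client retries rather than from three separate user attempts.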

    #53692
    brian1020
    Participant
    • Total Post: 259
    • Jacked into The Matrix
    • ★★★★★★

    How many devices?  Have you tried a different firmware to upgrade the Wyse terminals?

    #53693
    CDLane
    Participant
    • Total Post: 15
    • Regular Joe
    • ★★

    Hi Brian,

    My guess is all devices (we have three different kinds). It’s difficult to do a firmware upgrade as the devices are remote to me and I don’t want to brick anything.

    I’ll have a think how I can do it out of hours.

    #53721
    CDLane
    Participant
    • Total Post: 15
    • Regular Joe
    • ★★

    Upgraded to 8.6_511 – no change.
