Pass through authentication without Citrix?

  • This topic is empty.
Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • #484
    Avatardouglash
    Member
    • Total Post: 2
    • Newbie

    I have a V10L that I am trying to setup.
    What I would like to able to do is that a user signs into the thin client with whatever password they want, and have it automatically launch a unique RDP session to a computer with the username/password they typed in. Is this possible? So far I can get it to prompt for a username but it never continues past that point.

    #9775
    Avatarthinkthin
    Member
    • Total Post: 1707
    • Jacked into The Matrix
    • ★★★★★★

    Hi Doug,

    You could try the signon=NTLM, be aware you will need to have a sever that can accept NTLM authentication which is not as strong as Kerberos. I thing there is info on Technet on how to set this up,

    Cheers,
    -TT

    #9776
    Avatardouglash
    Member
    • Total Post: 2
    • Newbie

    I saw that option, but I am not sure on what options I need setup in the config file for that… I would assume that I would need to define a domain someplace and a server to auth against.

    Also, I am unable to even log in as a user on the device, even if I have the config file setup in their name (ini/user.ini). Surely I am missing something as I would think I should be able to at least login without any password.

    #9779
    Avatarthinkthin
    Member
    • Total Post: 1707
    • Jacked into The Matrix
    • ★★★★★★

    Hi,

    NTLM uses LAN Manager Broadcasts to find a login server – as long as there is a server to authenticate against.

    To use ini files create the user INI in a ftp server with write access and leave the ini empty.

    Login as the username and set a password, this will be written as a hash into the user.ini file. After this you can set the ftp server back to read only.

    This is fine for on or two users but not for lots of logins.

    In a Citrix or VDI environment you can use the Citrix XML service or the Connection Broker to handle the authentication in a secure fashion.

    The V6 Linux boxes have a full PAM and LDAP implementation so you can authenticate to AD without messing with NTLM.

    Cheers,
    -TT

Viewing 4 posts - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.