using a previous release, ms-logon seemed to work ok.
Other than that using 202 release now, only difference now is both server and viewer are winXP, before they were both win2k
Have a domain group with 3 domain admins. I logged on to a winxp machine, installed ultravnc 202, specified "new" ms logon, choose the proper domain group.
But, when trying to logon remotely, the only user it will allow is me, I presume cuz my user/pass was the one that installed it. The other 2 people in the group fail authentication.
any suggestions?
thanks, steve
Update: UltraVNC 1.4.3.6 and UltraVNC SC 1.4.3.6: viewtopic.php?t=37885
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
Important: Please update to latest version before to create a reply, a topic or an issue: viewtopic.php?t=37864
Join us on social networks and share our announcements:
- Website: https://uvnc.com/
- GitHub: https://github.com/ultravnc
- Mastodon: https://mastodon.social/@ultravnc
- Facebook: https://www.facebook.com/ultravnc1
- X/Twitter: https://twitter.com/ultravnc1
- Reddit community: https://www.reddit.com/r/ultravnc
- OpenHub: https://openhub.net/p/ultravnc
worked before, now doesn't
did you:
1. updated from win2000 to XP ?
or
2. full new install of winxp ?
1, did you unstalled previous release RCxx before install new RC202 ?
or
2. did you full install RC202 ? (without importing any registry of ORL and UltraVNC)
1. updated from win2000 to XP ?
or
2. full new install of winxp ?
1, did you unstalled previous release RCxx before install new RC202 ?
or
2. did you full install RC202 ? (without importing any registry of ORL and UltraVNC)
UltraVNC 1.0.9.6.1 (built 20110518)
OS Win: xp home + vista business + 7 home
only experienced user, not developer
OS Win: xp home + vista business + 7 home
only experienced user, not developer
These are 2 completely different machines, no they are not updated from win2k to winxp.
Both machines have not had ultra installed, although one did have tight installed prev, did uninstall tight
on server, installed server only, not viewer, not repeater
on viewer machine, installed both server & viewer, not repeater.
2. did you full install RC202 ? (without importing any registry of ORL and UltraVNC)
well, I installed from the RC202 link, the one without the fs in the file name, didn't import anything.
Thanks
Steve
Both machines have not had ultra installed, although one did have tight installed prev, did uninstall tight
on server, installed server only, not viewer, not repeater
on viewer machine, installed both server & viewer, not repeater.
2. did you full install RC202 ? (without importing any registry of ORL and UltraVNC)
well, I installed from the RC202 link, the one without the fs in the file name, didn't import anything.
Thanks
Steve
new documentation about authentication, if you not yet read it.
http://doc.uvnc.net/features/authentication.html
http://doc.uvnc.net/features/authentication.html
UltraVNC 1.0.9.6.1 (built 20110518)
OS Win: xp home + vista business + 7 home
only experienced user, not developer
OS Win: xp home + vista business + 7 home
only experienced user, not developer
I tried using this method:
http://www.tburke.net/info/misc/vnc_remote.htm
which I thought worked ok the first couple of times, but now, again, I'm the only one that can logon, I suppose because my user/pass was used to install.
The ms-logon page you referred me to talked about ACL, but since I'm exporting the entire ORL key, which inclues:
\winvnc3
ACL REG_BINARY 00 02 0c and so on
then I shouldn't have to do anything with the ACL as shown on
http://doc.uvnc.net/features/authentication.html right?
In case I do, I exported a acl.txt which shows:
allow 0x00000003 ..\testvnc
(testvnc group is the group comprised of me and two others)
what do I do with this acl.txt file? Am I supposed to:
run it on the remote computer with
MSLogonACL /i /a acl.txt ?
Really confused,thanks,Steve
http://www.tburke.net/info/misc/vnc_remote.htm
which I thought worked ok the first couple of times, but now, again, I'm the only one that can logon, I suppose because my user/pass was used to install.
The ms-logon page you referred me to talked about ACL, but since I'm exporting the entire ORL key, which inclues:
\winvnc3
ACL REG_BINARY 00 02 0c and so on
then I shouldn't have to do anything with the ACL as shown on
http://doc.uvnc.net/features/authentication.html right?
In case I do, I exported a acl.txt which shows:
allow 0x00000003 ..\testvnc
(testvnc group is the group comprised of me and two others)
what do I do with this acl.txt file? Am I supposed to:
run it on the remote computer with
MSLogonACL /i /a acl.txt ?
Really confused,thanks,Steve
here's more info.........
when I first do a remote install, BEFORE rebooting, all 3 members of the testvnc group can logon. File Transfer doesn't work. When I close the vnc connection, nothing happens to the server computer (which is how I've got it set).
Once I reboot the server, I'm the only one that can logon to the server (I guess because my user/pass was used to install). Once I'm logged on, file transfer works. But, when I close the connection, the server computer shuts down and reboots.
pretty confused here.......
steve
when I first do a remote install, BEFORE rebooting, all 3 members of the testvnc group can logon. File Transfer doesn't work. When I close the vnc connection, nothing happens to the server computer (which is how I've got it set).
Once I reboot the server, I'm the only one that can logon to the server (I guess because my user/pass was used to install). Once I'm logged on, file transfer works. But, when I close the connection, the server computer shuts down and reboots.
pretty confused here.......
steve
hmmm, ran the acl.txt on remote machine, now the other two members of the group can logon. Guess the ms-logon part of ultravnc was for vnc only, now windows itself. I thought ms-logon would handle everything.
Making progress......
With ultravnc 202, there is a driver folder, but no video drivers. How do I install the video drivers remotely?
Thanks,Steve
Making progress......
With ultravnc 202, there is a driver folder, but no video drivers. How do I install the video drivers remotely?
Thanks,Steve
ok, redownloaded 19.5, installed and got drivers that way. So, I'm ok on the driver question.
I'd still like a better understanding the ACL......what is happening when I import the exported ACL.txt file? I'm not using the overwrite switch, using append. The message I get is
RegSetValueEx passed
deleting ACE_DATA linked lists
its the second one that concerns me..what is it deleting?
Thanks, Steve
I'd still like a better understanding the ACL......what is happening when I import the exported ACL.txt file? I'm not using the overwrite switch, using append. The message I get is
RegSetValueEx passed
deleting ACE_DATA linked lists
its the second one that concerns me..what is it deleting?
Thanks, Steve
Steve,
Please do not use the ACL that you exported with the ORL reg key.
You should instead use the MSLogonACL tool.
Define your groups/users in Admin Properties -> Configure MS-Logon Groups.
Then export the ACL from that machine and import it into the other.
If you start from scratch, it's not important if you append or overwrite on a new machine.
To check the result, you can again export the ACL from the new machine and verify that it's configured as you intended.
To debug your connection attempts you could look at the Windows Event log (Application log).
You should see an entry stating if you are not authenticated (i.e. username/password combination is wrong) or not authorized (i.e. the ACL does not allow to connect).
Similar information is in C:\WinNT\system32\WinVNC-authSSP.log
I'll improve the diagnostic messages in MSLogonACL
and also try to make the documentation more user friendly...
Martin
Please do not use the ACL that you exported with the ORL reg key.
You should instead use the MSLogonACL tool.
Define your groups/users in Admin Properties -> Configure MS-Logon Groups.
Then export the ACL from that machine and import it into the other.
If you start from scratch, it's not important if you append or overwrite on a new machine.
To check the result, you can again export the ACL from the new machine and verify that it's configured as you intended.
To debug your connection attempts you could look at the Windows Event log (Application log).
You should see an entry stating if you are not authenticated (i.e. username/password combination is wrong) or not authorized (i.e. the ACL does not allow to connect).
Similar information is in C:\WinNT\system32\WinVNC-authSSP.log
I'll improve the diagnostic messages in MSLogonACL
and also try to make the documentation more user friendly...
Martin
Last edited by Marscha on 2005-03-29 08:23, edited 1 time in total.
Here's what I had done:
Did the remote install per instructions at:
http://www.tburke.net/info/misc/vnc_remote.htm
which says to export the key
HKEY_LOCAL_MACHINE\Software\ORL
from a machine which is setup the way I want, and import that key to the remote computer, after performing the remote install. I did that, and ran into the problems outlined above.
Later, I ran the MSLogonACL tool on the orginal machine, and exported/imported that.
But HKEY_LOCAL_MACHINE\Software\ORL has a subkey:
ORL/WinVNC3/ACL
so I should remove that ACL entry prior to importing?
Thanks,Steve
Did the remote install per instructions at:
http://www.tburke.net/info/misc/vnc_remote.htm
which says to export the key
HKEY_LOCAL_MACHINE\Software\ORL
from a machine which is setup the way I want, and import that key to the remote computer, after performing the remote install. I did that, and ran into the problems outlined above.
Later, I ran the MSLogonACL tool on the orginal machine, and exported/imported that.
But HKEY_LOCAL_MACHINE\Software\ORL has a subkey:
ORL/WinVNC3/ACL
so I should remove that ACL entry prior to importing?
Thanks,Steve
Steve,
either remove HKEY_LOCAL_MACHINE\Software\ORL\WinVNC3\ACL prior to importing or use the overwrite switch (/i /o).
You can always check what's configured if you
either open the "configure mslogon groups" dialog
or export the ACL and check the resulting file.
MS-Logon II is as MS as could be:
Configure the security of a file with the same group.
Try to open it with one of your accounts (using run as).
-> You should get the same results.
Again: Please check the Event Viewer.
Martin
either remove HKEY_LOCAL_MACHINE\Software\ORL\WinVNC3\ACL prior to importing or use the overwrite switch (/i /o).
You can always check what's configured if you
either open the "configure mslogon groups" dialog
or export the ACL and check the resulting file.
MS-Logon II is as MS as could be:
Configure the security of a file with the same group.
Try to open it with one of your accounts (using run as).
-> You should get the same results.
Again: Please check the Event Viewer.
Martin