MSLogon can't authenticate some users on same AD group

Should you have problems with the MS logon plugin, here's the place to look for help or report issues.

MSLogon can't authenticate some users on same AD group

Postby pbornacin » 2013-06-05 13:49

hi, I have various versionof UltraVNC running in a domain environment with MSLogon enabled on all workstations.
I have an AD group for IT users so they can authenticate to user workstations.

On some workstation an IT users get Authentication Failed when they attempt to VNC into users workstations.

Myself and another tech can, under the IT users domain login, VNC into a target workstation and authenticate with OUR AD credentials without issue.

So, the VNC viewer works and can connect to the target workstation.

I verified that the IT users being rejected are in fact in the MSLogon AD group, and the target workstation
has that group listed in the MSLogon ACL, with Domain checked.

Any ideas?

thanks

paolo
pbornacin
 
Posts: 7
Joined: 2010-07-01 07:19

Re: MSLogon can't authenticate some users on same AD group

Postby Rudi De Vos » 2013-06-05 17:26

What do you get when you run testauth.exe on workstations with auth failed.
Rudi De Vos
Admin & Developer
Admin & Developer
 
Posts: 5295
Joined: 2004-04-23 10:21

Re: MSLogon can't authenticate some users on same AD group

Postby pbornacin » 2013-06-06 15:32

I got this:

C:\Programmi\uvnc bvba\UltraVNC>testauth.exe
Enter user name : gabriele
Enter password : ********
Enter group : EDPIP

loc=1 dom=3 local+domain=3 : 3

Trying authlogonuser.dll
This only works on XP>
test is runnning as application and not a service
------------------------
------------------------
authlogonuser.dll not foundbased on authlogonuser.dll user has NO access
Trying auth.dll
------------------------
------------------------
auth.dll not foundbased on auth.dll user has NO access
Trying authaddll
------------------------
------------------------
authad.dll not foundbased on authad.dll user has NO access
Trying ldapauth .dll
------------------------
------------------------
LDAP://rootDSE
LDAP://DC=ip,DC=loc
ADsPath: LDAP://CN=Gabriele,CN=Users,DC=ip,DC=loc
ADsPath: LDAP://CN=EDPIP,CN=Users,DC=ip,DC=loc
Group found OK
Object

LDAP://CN=Gabriele,CN=Users,DC=ip,DC=loc

IS a member of the following Group:

LDAP://CN=EDPIP,CN=Users,DC=ip,DC=loc

based on ldapauth.dll user has access Enter to quit

when I run testauth with my user (one that work), I got this:

C:\Programmi\uvnc bvba\UltraVNC>testauth.exe
Enter user name : paolo
Enter password : ********
Enter group : EDPIP

loc=1 dom=3 local+domain=3 : 3

Trying authlogonuser.dll
This only works on XP>
test is runnning as application and not a service
------------------------
------------------------
authlogonuser.dll not foundbased on authlogonuser.dll user has NO access
Trying auth.dll
------------------------
------------------------
auth.dll not foundbased on auth.dll user has NO access
Trying authaddll
------------------------
------------------------
authad.dll not foundbased on authad.dll user has NO access
Trying ldapauth .dll
------------------------
------------------------
LDAP://rootDSE
LDAP://DC=ip,DC=loc
ADsPath: LDAP://CN=Paolo,CN=Users,DC=ip,DC=loc
ADsPath: LDAP://CN=EDPIP,CN=Users,DC=ip,DC=loc
Group found OK

////////////////////////////////////////////////////
Checking the Group:

LDAP://CN=EDPIP,CN=Users,DC=ip,DC=loc

for the member:

LDAP://CN=Paolo,CN=Users,DC=ip,DC=loc


////////////////////////////////////////////////////

Comparing:

{AE5ED752-7DCD-41F8-869C-DACDBF318C69}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{A6C51F28-86F7-40A3-BB26-856EC93C5C7D}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{0D669D5A-72B5-48E7-B4F6-DEDFBD647732}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{5D88448C-8779-484E-942C-D9230BC76291}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{5F6AD8C2-1E1B-4FCF-9D15-8C9CDC3CBA1B}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{6A60E76F-9913-4D92-A87F-BCDBBC997252}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{CE1B812F-14C7-4FEF-AE7B-0DA44761F8C5}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{CFC7D496-A638-4264-8451-951C762BF2AD}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{BB5F3449-A2E7-4054-96B5-F73DAB0E9653}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{1DF6B3B4-496E-4300-9B91-BB9424A60C55}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{F96EDD7A-3AC5-434E-8451-0D52AB898B9E}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{E270E24D-1262-4468-A00C-D2C6A5843C6C}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{98B66050-A7B7-4661-9D93-68A83461B790}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{D763CCD9-0834-476A-9CF2-222CE426F691}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

Comparing:

{234A462B-FC7B-4E3D-8845-F2779B20C45D}
WITH:
{D99E9ED4-98CB-44AF-96E0-44C4835238A3}

USER not found in group
based on ldapauth.dll user has NO access Enter to quit

:cry: :cry:

thanks a lot
pbornacin
 
Posts: 7
Joined: 2010-07-01 07:19


Return to MS logon plugin

Who is online

Users browsing this forum: No registered users and 1 guest