Forum / Devolutions Password Server - Support

Domain Login only working if legacy authentication mode is active

  • Create an Issue
  • Cancel

Hi guys,

i set up a new DVLS-Server several times but i cant figure out what i'm doing wrong.

we use domain authentication,
its working in Server Settings -> Test,
i set "use inherited AD group", "Auto create domain users"


but Users get only created and login only works if I activate "Use legacy authentication mode"

there are no error-messages in iis-logs, sql-log, eventlog....

am i understanding something wrong?
i thought "legacy mode" is only needed if i update from older RDMS-Server ...?!?

regards,

markus

Kind Regards
Markus

======================

Clock4 yrs

Hello,

Which version of DVLS have you installed?
Which version of RDM are you currently using?

Also, could you please post a print screen of the Authentication tab from the Server settings?

Best regards,



Érica Poirier

Happy Holiday Season!
Although our various support queues will be monitored during the coming holiday season, Devolutions' offices will be closed from December 24th, 2019, to January 1, 2020, inclusively.

signaturesignature

Clock4 yrs

NEW Server-Installation:
Windows 2012 R2

SQL 2014

RDM 11.5.8.0
DVLS 3.2.1.0


regards,

markus

Kind Regards
Markus

======================

DVLS-AuthProblem.png
Clock4 yrs

Hello,

What is the format of the username of these users? Do they use the UPN format (user@domain.loc), the Netbios format (domain\user) or only the username?

Could you please test it without any trusted domains and without legacy mode?

Best regards,



Érica Poirier

Happy Holiday Season!
Although our various support queues will be monitored during the coming holiday season, Devolutions' offices will be closed from December 24th, 2019, to January 1, 2020, inclusively.

signaturesignature

Clock4 yrs

all versions of formats tested, with and without trusted domains, with and without legacy mode

result: login is only working if legacy mode is enabled ...

i have tested and installed sooo much times and 1000 variations.

would you like to have a view on the system?

Kind Regards
Markus

======================

Clock4 yrs

Hello,

Please contact us at support@devolutions.net to set up a remote session.

Best regards,



Érica Poirier

Happy Holiday Season!
Although our various support queues will be monitored during the coming holiday season, Devolutions' offices will be closed from December 24th, 2019, to January 1, 2020, inclusively.

signaturesignature

Clock4 yrs

done

Kind Regards
Markus

======================

Clock4 yrs

Hello Erica,

I scheduled an appointment as you suggested.

BTW, today I found this log every time we try to logon:

The following error was received by a user at 22.06.2016 11:10:30
Error:
COMException - The specified directory service attribute or value does not exist. at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_SchemaEntry() at System.DirectoryServices.AccountManagement.ADStoreCtx.IsContainer(DirectoryEntry de) at System.DirectoryServices.AccountManagement.ADStoreCtx..ctor(DirectoryEntry ctxBase, Boolean ownCtxBase, String username, String password, ContextOptions options) at System.DirectoryServices.AccountManagement.PrincipalContext.CreateContextFromDirectoryEntry(DirectoryEntry entry) at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInitNoContainer() at System.DirectoryServices.AccountManagement.PrincipalContext.DoDomainInit() at System.DirectoryServices.AccountManagement.PrincipalContext.Initialize() at System.DirectoryServices.AccountManagement.PrincipalContext.ContextForType(Type t) at System.DirectoryServices.AccountManagement.Principal.set_SamAccountName(String value) at Devolutions.Server.DomainAuthenticationManager.Authenticate(String userName, String password, String domain, String& authenticatedUserName) in c:\Dev\devolutions11_5\Websites\Server\Common\Managers\DomainAuthenticationManager.cs:line 118 at Devolutions.Server.Providers.RDMSMembershipProvider.CheckPasswordActiveDirectoryMultiDomain(String username, String password, MembershipLoginData membershipLoginData) in c:\Dev\devolutions11_5\Websites\Server\Providers\RDMSMembershipProvider.cs:line 798 --- Login
Source:
System.DirectoryServices

Kind Regards
Markus

======================

Clock4 yrs

FYI,
this path: c:\Dev\devolutions11_5\Websites\Server\
do not exist in our system


AD Tests in Server Settings -> Authentication are all OK

Kind Regards
Markus

======================

Clock4 yrs

Hi Erica,
Hi Maurice,

any update @ our problem?

regards
Markus

Kind Regards
Markus

======================

Clock4 yrs

Hello,

We are currently working on it and as soon as it is ready, I will communicate with you.

Best regards,



Érica Poirier

Happy Holiday Season!
Although our various support queues will be monitored during the coming holiday season, Devolutions' offices will be closed from December 24th, 2019, to January 1, 2020, inclusively.

signaturesignature

Clock4 yrs

Hi Erica,
Hi Maurice,
any update @ our problem?
it have been more than 2 months since our online-meeting and we really need a fix.
regards
Markus

Kind Regards
Markus

======================

Clock4 yrs

Almost done, final rush

You will need to define a set of credentials at the Instance level, that account will need permissions to interrogate AD.

Thank you for your patience



Maurice Côté

signaturesignature

Clock4 yrs

I'm sitting on needles ...

can i test a beta for you?

Kind Regards
Markus

======================

Clock4 yrs