Windows Active Directory Integration

Hello,


The topic about MariaDB is old, AFAIK MariaDB never did get that plugin as it was a commercial option. We will update the documentation.

As for your problem, unless you have hundreds of users, you could use SQL Server Express which is free. It's your only option. You will have to manage users permissions individually though, not a concern if the number of users is reasonable.

Best regards,

MAURICE THANK YOU!!

Thanks Maurice. So far I find the documentation lacking in several areas for such a complex app, but I'm making slow progress.


More questions if you don't mind:

I've ended up with Sql Server Express 2016. It is up and running with active directory integration on the same virtual machine I have RDM on. Now I want to test how I can manage user permissions, so I've also set up a security group and added domain user to it, this test user has View permissions only.


Now when I log back into my VM with the test domain user, and launch RDM, it acts like it's never been run before, and uses a Local Data Source - instead of being linked by default to Sql Server Express. Do I have to manually reconnect it for every user? Am I on the right track here? Will I be able to set up different lists of available sessions/resources based on which user domain user is logged into the box?

Hello,


Each user profile has their own local configuration, by default in %LOCALAPPDATA% (Installation > Client > Configuration File Location)

To deploy a config to new users, the easiest is to create your own installation package using our Custom Installer Service. (Create an Installation Package)

If rather you are mostly running from the same machine, its best to use a default.cfg file like under a Terminal services environment (Terminal Services)

Best regards,

Thanks again Maurice. I am still having trouble wrapping my head around how I can customize this for different users... the user profile you pointed out seems to just contain schema information, and I don't think I want a custom installation package.

Could someone walk me through this? Very simple example:



I want a user named Bob to see a list of 5 VNC connections.... I want a user named Sue to only have access to 3 of those connections.

So.. how should I set this up? How do Bob and Sue login to RDM? Do they just use their domain credentials to login to the Windows desktop - and then once launched RDM will use those domain credentials and show them a list based on what has been setup for their domain account? Or do they login to RDM with a local account? How do I then set up different sessions for different user? Do they both use the same data source? etc etc

Hello Dennis,


All your users will connect on the same data source, which in your case is SQL Express 2016.

They will use a custom database user or Integrated Security to connect on the database. This will depend how you will create your users in the Administration -> Users menu (http://help.remotedesktopmanager.com/administration_usermanagement.htm).

For your questions regarding the security groups, I suggest you to watch our tutorial on the subject
http://remotedesktopmanager.com/Support/Video?v=5ejIIg-t8I4#SpotlightOn

Best regards,

Hello, thanks for the response Jean-François, that video about security groups was exactly what I was looking for. One last question please: Using RDM with integrated security and Microsoft SQL or SQL Express: there will be two steps for each new user I want to add:



(1) manually create the user account in RDM, which will be the same as their domain account, basically just creating a link from active directory to RDM

(2) for each new user I need to have them login to the desktop with their domain credentials, launch RDM, manually connect it to the SQL Datasource, and manually delete the local datasource.


If we had hundreds or thousands of users, how could we eliminate those two steps?

Hello,


1) Yes, you would need to create your users manually and provide them the appropriate access to the database.

You can eliminate the "manual" user creation by using Devolutions Server as your backend data source (http://server.devolutions.net/). With Devolutions Server, your users will be created automatically by the system and their access will be provided via AD Groups.

2) Using our Custom Installer Service (http://helpcloud.devolutions.net/custominstaller_introduction.htm) it will be easy for you to distribute RDM with the appropriate configuration, like the data sources, the license, ect...

Best regards,

Hello Jean,
I am using Enterprise licensed for RDM/Devolutions Server. I have set AD Authentications for the users to connect to the datasource. I have created "Custom Installation package from the DATASOURCE and used %Domainuser%\%username% variable for credentials.

When ever users try to connect to the data source they are getting kicked-out with attached screen shot.
I was able to login with my domain credentials but I am also getting the same issue suddenly.

Can you suggest where I have to check for the errors ?
How can I add users from AD Security group to grant them access to Datasource ?

Hello Aammir,

Just to confirm, is your data source a Devolutions Server (DVLS)? In the Roles tab, you would have access to create links to your AD groups.

If you are indeed running DVLS, please contact us at support@devolutions.net and we'll book a remote session. Please include your license details in the email.

Best regards,

Sure Maurice,
I drafting the mail to the Support Team.

By the time we get connected, Can you quickly details me about linking the AD Security Group to the DVLS Roles. I mean when I link Security group from AD in DVLS. Dose those users (member's of security group) can access Datasource (Registered datasource on devolution server) with there Domain credentials ?
If Yes I am getting error "Credentials are correct but you don't have access to datasource" can you please provide the solution for the same.

Hello,

Have you recently upgraded the DVLS instance?
Is the user getting this fault configured to use the DOMAIN authentication type? (drop down in the properties)


Best regards,

No I am using DVLS v3.2.2.0 version. I am planning to upgrade.
RDM Client version 11.7.6.

When I Add user under "Users" from AD, It allows the user to connect. Whereas when I try to access with the user part of AD Security group added as a ROLE in DVLS it gives error.


Do I need to add those users(Members of AD Security group) to users in DVLS.

either you have "auto create domain users" or you must create user accounts for them manually.

Question here is how I can add AD Security group to grant access to Datasource , instead of adding single user ?

Thats what a role is, a link to an Active Directory group.

You can find all of the details on How to Configure Security Groups and Roles with AD Integration

We havent received your email yet, and we have someone available for a session right now.

Best regards,

Hello Maurice,

I want to grant access to users from other domain (out of DVLS Server domain) to access the datasource (RDM Client). Both the domains are connected with trust relationship. Please advice how I can setup.
Please let me know If I can share the session with you

Thanks in advance,
Aammir

Hello Aammir,

Multi-Domain features are in the Platinum edition (https://server.devolutions.net/Home/FeaturesGrid), we are in the final testing phase of this feature as we speak.

Since there is no relationship between the forum credentials and the transactions of our CRM, I cannot identify your account. Have you purchased the DVLS subscription already?


Best regards,

Hello Maurice,

I have a enterprise license available.
Please suggest how to get upgraded to "Premium Edition"
Let me know if you need any logs or license info.

Thanks,
Aammir

Hello,

Simply contact our sales team : sales@devolutions.net

The Enterprise licence is for RDM itself, the Platinum licence is for Devolutions Server.


Best regards,