|
Hi, I am trying to configure AD login to DVLS, RDM works when datasource configured with windows authentication, but it doesn't work through IE. In logs I see entry:
GetAccountInfo-SessionRequired Any idea?
Clock3 yrs
|
|
|
Hello, I am afraid that I do not understand perfectly what you mean that it doesn't work through IE? Do you want to do an auto login when you open the DVLS web interface within IE?
Or you are not able to login on the DVLS web interface with IE when you enter manually the username and password? Best regards,
Érica Poirier
 
Clock3 yrs
|
|
|
Hello, I guess we have a problem with AD integration.
DVLS is configured to autocreate users:
- if I use anything else than UPN: it doesn't read %username% and account is created as DOMAIN\ (without username). It works for RDM (datasource is DVLS with Use Windows Authentication). In RDM's data source connection details I see username correctly.
- if UPN is selected, user is created OK, with UPN as username. But if I try to login through web browser says: Invalid username or password, and app log says: GetDomainUserIdentity - Domain not found  OMAIN.COM In both cases RDM with DVLS datasource successfully connects but in web browser I am not able to sign in. We use UPN suffix that matches public domain - not same as local domain and thus cannot be used for domain in domain authentication field of configuration... I actually don't care about single sign-on since we are going to use 2FA later on - but since IE has integrated windows authentication I thought it will work the same way as RDM... Best regards,
Rok B
Clock3 yrs
|
|
|
Hello, Thank you for the detailed information. I presume you are using alternate UPN suffixes in your AD environment, is it correct? The usage of alternate UPN suffixes is not supported in DVLS 4.x and the Automatic User Creation will not work in that environment. But there is a workaround. You have to manage manually each AD user account in DVLS. When you create an account, you must type in manually the NetBios username format to add a user. And you have to disable the Automatic User Creation feature. About the Windows Authentication feature in IE, I will have to ask the engineer who's in charge of that when he will come back from his vacation. Best regards,
Érica Poirier
Clock3 yrs
|
|
|
Hi, thank you for the answers, we use alternate UPN suffix because of other integrations. Is there a possibility to bulk import users, if I dump samaccountnames to csv, is there a cmdlet to import them? Best regards,
Rok B
Clock3 yrs
|
|
|
Hello, UPX suffixes are supported with RDM 12.6.4.0 and Devolutions Server 4.6.0.0. What version are you currently using? In Tools -> Devolutions Server Console, you will found a button to import your users using LDAP.
 Best regards,
Jeff Dagenais
Clock3 yrs
|
|
|
Hi, sorry for late reply, this issue is solved with DVLS 4.6.0.0 I can import the users from AD. Best regards,
Rok Berlec
Clock3 yrs
|
|