Forum / Remote Desktop Manager Mac - Support

Integrated Security on SQL Server data source doesn't work with RDM Mac 5.5.0.0

  • Create an Issue
  • Cancel

@everyone,

The Integrated Security authentication method on SQL Server data source is broken in RDM Mac 5.5.0.0, because of a change made by Microsoft inside the framework Xamarin.Mac. We are waiting for a fix from their end. For more details on the issue, please consult https://github.com/mono/mono/issues/9028

As of now, the workaround would be to use database User to authenticate on the data source or rollback to RDM 5.4.0.0.
This version can be downloaded here https://cdn.devolutions.net/download/Mac/Devolutions.RemoteDesktopManager.Mac.5.4.0.0.dmg

I will update this post later when we will get more information's about the situation.


Best regards,



Jeff Dagenais

signaturesignature

Clock2 yrs

Please note that you will encounter the same issue using RDM iOS or RDM Android since they are sharing the same technology.



Jeff Dagenais

signaturesignature

Clock2 yrs

@everyone,
For those who need to work with integrated security, version 4.3 of RDM Android is available for download on our web site.
Here is the link: https://remotedesktopmanager.com/home/download#android
Best regards,



Jeff Dagenais

signaturesignature

Clock2 yrs

Hi Jean-Francois
I Try to launch RDM 6.2.1.0 on MacOSX 10.14.3 and I encounter the same issue.
I've got a valide enterprise licence and I try to connect my Mac with AD account on SQL Server. It's not possible to our company to modify the authenticate process, AD is mandatory.
Do you know when the issue will solved?

Thanx a lot in advance

BR,

Clement

Clock8 mths

@clement,

Unfortunately, the issue is still present in the latest version of RDM Mac.

I suggest following this thread on that subject, we will post it here and there when it would be resolved
https://forum.devolutions.net/topic29862-ios--cannot-connect-to-mssql-using-integrated-security.aspx

Please



Jeff Dagenais

signaturesignature

Clock8 mths

Hello, my name is David Nicolas.
Is there a solution to use new relewase version RDM Mac with SQL Server 2016?
Is there a date to?

Thanks

Clock8 mths

Hello David,

Could you please follow the thread at https://forum.devolutions.net/messages.aspx?TopicID=29862&Page=1&MessageID=126573#post126573 , I just update it with the latest information from Xamarin/mono.

Best regards,



David Grandolfo

signaturesignature

Clock8 mths

So Great News, David !

Waiting for. Thank you very much.
Best regards,

David Nicolas

Clock8 mths

Hi,
I just downloaded the latest RDM version 2019.1.6.0 but the issue is still present upset
I'can't run the 5.x version with my company license.
It's not possible for me to connect to the SQL server with an other way than M$ LDAP authentification.
Can you help me or should I give up the RDM solution?

Clock3 mths


Hi,

Alas, our hands are tied by Microsoft. The issue is fixed in the latest version of Mono (though it will require further configuration on the Mac computer: https://github.com/microsoft/vscode-mssql/wiki/how-to-enable-integrated-authentication-on-macos-and-linux-using-kerberos), but it has not been included in the Xamarin.Mac, Xamarin.iOS and Xamarin.Android frameworks. I've built a version of RDM with the Unsupported Frameworks to allow building concurrently with Mono 5.20 and it still failed. I'm assuming this is a compatibility issue between Xamarin.Mac and Mono 5.20 and we'll need to wait for official support in Xamarin.

I just want to stress again how using Integrated Security from a device other than a Windows PC joined to the domain is in itself highly irregular and therefore it is not surprising that it is not the focus of neither the Mono nor the Microsoft/Xamarin team.

Best regards,

Xavier Fortin

signaturesignature

Clock3 mths

I've been working in IT for 20 years, a massive portion of IT professionals use Macs and Linux. Along with that, centralized authentication is a security must for auditing and controls. Unfortunately your software gives us very little flexibility to work around this cost effectively, I can certainly use your Devolutions Server product to fix this issue but you're asking us to nearly double our spend on your product to which we dont use to its full capability becuase of its integration into our environment.

By saying this use is irregular, makes me worry that the developers are making decisions about the usefulness of features that users are clearly telling you we use. And I can't stress enough how much money Devolutions is tossing away by not finding another solution, I'm not willing to purchase new licensing for 2/3 of our company who are on Macs since we are stuck in mid 2018. Maybe if you want to cut us a deal on licensing costs in lieu of this issue and just abandon the SQL Integrated Auth model it would help some of us move forward and into using the Password Server solution.

I'm always up for a conversation with the powers that be over this but I'd want to have somone reach out who is familiar with this issue.

Clock3 mths


Hi,

I understand your worry, but I'd like you to keep in mind that we were offering the feature since it was conveniently (and quite simply) provided in the Mono framework originally. As the name implies, this authentication mode is deeply integrated in the Windows SQL Server architecture and it is not a simple matter to "fix" it for third party developpers.


When I say irregular, I simply mean that the integration of this feature in RDM Mac, iOS and Android was never the intended usage of the Integrated Security as designed by Microsoft. As mentioned earlier, this is an authentication mode that is intended to be used from a Windows device to a SQL Server that are both part of the same domain. Simply passing the Username, Domain and Password to it were in itself sort of a hack (you'll note that this is not even available in RDM Windows).

This feature is pretty much a nightmare for us to support as, as I've previously mentioned, we are entirely dependent on Mono/Microsoft whim. To give you an idea of where we're at now. Even the "fix" implemented in Mono to resolve the issue isn't without its own hassle. For instance, any Mac client that intend to use integrated security will have to configure Kerberos on their device (as descriped here https://github.com/microsoft/vscode-mssql/wiki/how-to-enable-integrated-authentication-on-macos-and-linux-using-kerberos) and we will need to generate an expiring Kerberos ticket if one hasn't yet been generated before any connection attempt. And this is only for Mac, we have as of yet no idea how to implement this in iOS or Android.

While (for Mac) this is not an insurmountable barriers, we still need to wait for an update to Xamarin.Mac as building RDM Mac with the currently released version of Xamarin.Mac and Mono 5.20 was not resolving the issue (even with the mentioned configuration of Kerberos). Considering the speed at which such issue are resolved by either Mono or Xamarin.Mac (it took approximately one year between the initial report of the bug to Mono and an its fix (such as it is) to be available in a released version of Mono), I'd definitely not hold my breath.

We are genuinely sorry for all the inconvenience this caused. We'd like to simply roll out a fix, but the powers that be over this are outside of our jurisdiction.


Best regards,

Xavier Fortin

signaturesignature

Clock3 mths