AD Dashboard via devolutions gateway not working

Backlog

Hello,

When configuring an AD Dashboard entry that uses a devolutions gateway for the connection, RDM reports error 'Could not connect to domain controller'. Using ldp.exe to test the connection from the gateway server itself works fine. The FQDN for the host/server is only resolvable on the gateway server, not on the RDM client.

Please let me know if you would like any additional info.

Thanks
Joe







All Comments (27)

Hello,

Thank you for reaching out to us about this matter!

Could you try configuring a Devolutions Gateway Tunnel instead? I've seen instances where the AD Dashboard was only working with a tunnel.

For more information, you can refer to this page: https://docs.devolutions.net/dgw/kb/gateway-tunnel/

Best regards,

Hi William,

Thanks for the suggestion. When I try to open the Gateway Tunnel entry, it reports 'Invalid URI: The hostname could not be parsed'. The health check on Gateway configured on the Tunnel entry completes successfully, as does testing the gateway in the DVLS webUI. Have tried with both a distinct gateway, and also gateway farm. Using RDM 2024.2.15

Thanks
Joe







Hello,

In the bind address, you will need to configure the hostname of your DC.

Best regards,

Thanks William. That fixed the problem with the tunnel not opening, but if the machine running RDM cannot resolve the fqdn of the DC/Host configured in the dashboard entry, I still get the error 'Could not connect to Domain Controller'.

If I add the respective fqdn of the DC to the local hosts file on the machine running RDM, then it does work, but I suspect that is because the connection is bypassing the tunnel because I see direct TCP connections to the DC when running netstat.

Hello,

Just to be certain, in the AD Dashboard you configured the VPN/Tunnel/Gateway to use the Gateway tunnel entry?

Best regards,

Hi William,

Yes it is, and the tunnel opens automatically prior to the dashboard opening. Can also use ldp.exe to connect to the local tunnel bind point successfully.

Joe




Hello,

Thank you for the information, I'll have to verify with our development team to see why this might be happening. I will let you know as soon as I have more information.

Best regards,

Hello,

After reviewing the thread, we saw that you have the AD Dashboard configured to use port 6636 and in the Tunnel you configured port 636. Could you verify if only using port 636 in both entries works?

Best regards,

Hi William,

There are 2 AD dashboards configured, one uses 636 and the other 6636. Both ports are configured to forward in the tunnel, but neither AD dashboard entry works.

Pls let me know if you need more info.

Joe

Hi Joe

If you establish the tunnel, and then create a test AD Dashboard entry pointing directly at the bind address / port of the tunnel (no VPN), does it connect? Since ldp.exe works when pointed at the tunnel, this is feeling like an RDM/VPN issue rather than something specific to the Gateway.

Let me know if something isn't clear

Kind regards,

Richard Markievicz

Hi Richard,

Yes doing it that way works fine.

Joe




Hi Joe,

You are correct, the "Test Connection" button will not attempt to perform a connection through the Gateway, this is a known issue, we are working on a fix for this. But the connection itself should work, I have tested it myself just now. I can see the LDAPS connection going through my gateway logs.

Thanks,
Paul

Hello Joe

Just to follow up on what Paul wrote: the fact that it doesn't work over the Gateway Tunnel when using it as a VPN is likely an RDM bug (the AD Dashboard host/port are not getting properly updated by the Gateway Tunnel VPN). That's something that we can address, but the real bug would be this not working over the Gateway directly (without needing to create a tunnel manually).

So, is it simply that the "Test Connection" doesn't work? Did you try saving the connection anyway, and then connecting?

Thanks and kind regards,

Richard Markievicz

Hi Paul and Richard,

When I set the entry to use gateway directly (i.e. not the tunnel), it does seem to connect, but then still displays a 'could not connect to domain controller' error. It gets as far as enumerating the OUs before the error appears, then after clicking OK, the entry closes.

Pls let me know if you would like more info.

Joe


Hello Joe,

Ah awesome, it appears to work for a bit, but then something bad happens. I can look into why this is happening, I will log a bug and we will attempt to reproduce it.

Thanks for reporting this issue.

Paul

Hi Paul,

Any update on this one?

Thanks
Joe

Hi Joe,

I'm currently working on a pretty major update to the Active Directory console, that should be included shortly in an update, I'll make sure to take care of this issue at the same time. I'll let you know once it's available.

Thanks,
Paul

Perfect, sounds great, thanks Paul

Hi Paul,

Circling back on this one. Using RDM 2025.2.27 and have an AD dashboard entry that works fine until configuring it to use a Devolutions gateway. When gateway is enabled for the entry and it is launched, RDM responds with error "Unable to connect with Devolutions Gateway:1002" even though the gateway is reachable and the test gateway button says it is healthy. Same result irrespective of whether machine running RDM has line of sight to the domain controller.

Thanks

Joe








Hello Joe,

Sorry for the delay getting back to you, just got back from vacation. I see that you entered an LDAP path for the connection, I think this is the bug, as I have also reproduced the issue on my side. To fix the problem simply change from Mode=LDAP to Mode=Custom and enter the hostname of the DC. I have created a ticket to fix this issue asap.

Also in your LDAP path did you enter the hostname of the DC or simply the DN of the domain? When using Gateway you will probably need to enter the hostname explicitly as it needs to know what server to connect to from the Gateway.

Paul

Hi Paul,

Thanks for looking into this. I tried your suggestion of using custom mode and setting the host to the fqdn of the domain controller, but still got the same 1002 error. Adjusting the options for SSL and/or setting the OU to DC=domain,DC=local didn't seem to have any effect.

Pls let me know if you would like more info.

Joe




Thanks Joe.

Error 1002 means that RDM is failing to create a websocket connection to the Gateway. Do you see anything in the gateway logs? Is there a connection attempt when you click the "Test connection" button?

Thanks again,
Paul

Hi Paul,

Looks like the 1002 error occurs when a gateway farm is selected. Once I changed the entry to use a non-farm gateway, then it connected successfully. Is the AD Dashboard supported with a Gateway farm?

Thanks
Joe

Hi Joe,

Ah ok, well it should support a Farm, if it does not then that is a bug, I will test it and get back to you. Have a great weekend!

Paul

Hi Paul,

Circling back on this, as still struggling to get the AD Dashboard working via gateway.

Current setup is DVLS 2025.3.15, RDM 2026.1.10, Gateway 2026.1.0.

Have 2 entries (config shown below), they work fine until Gateway is enabled, then both effectively timeout after RDM launch with a horizontal progress bar scrolling indefinitely.

It doesn't seem to matter whether gateway is a farm member.

Launching via WebUI with direct line of sight to gateway results in an 'unable to bind error'. Can successfully launch RDP entry in same vault as same user using gateway.

Confirmed gateway server can use ldp.exe to connect to respective domain controller.

Please let me know if you would like any additional info.

Joe









@jm2

Thanks Joe, it is still on our list of things to fix, hopefully we will get to it soon.

Paul

Thanks Paul, hopefully not too much longer till this is fixed as browser based AD dashboard (which requires using gateway) is advertised functionality as per Configure a web-based Active Directory dashboard entry - Devolutions Documentation