Open MatthiasCybot opened 1 year ago
RudiDeVos
commented
1 year ago In the code i can see that ldap is still in it, i don't use it myself and untested for a while. It's part of the old MSlogon method (old). If ad is found the user is checked if he belong to group xxx make sure ldapauth.dll is in the same folder as winvnc.exe
MatthiasCybot
commented
1 year ago Hi RudiDeVos,
Many thanks for your quick answer.
Unfortunately, we have the issue that we have a transition phase from one domain to another.
The MSLogon Old method is working fine with ldap but limited to the domain where the clients belong to.
Due to an incomplete trust, the users in the new domain can't be member in the groups in old domain, only in new domain.
Therefore I'd like to use the MSLogon new as this provides the option to use multiple domains.
Is there any option to use MSLogon new based on ldap?
Many thanks for your reply in advance.
Best regards
Matthias
RudiDeVos
commented
1 year ago MSlogon 2 put a acl security on a registry entry and then check if the user has access to this key.
I don't have a ldap domain to test and it's not something i can setup in 5 minutes.
When i find a lot of time... sorry
RudiDeVos
commented
2 months ago Postponed, low priority
Hello,
in our environment, NTLM is blocked due to security risks.
Might there be a possibility to allow Kerberos Authentication, LDAP or others?
Many thanks for your comments in advance.
Every feedback will be highly appreciated.
Best Regards
Matthias