Re: [FreeRDP-devel] help-wanted client 2.0.0-dev2 GSSAPI authentication not working

Mon, 19 Mar 2018 08:57:02 -0700 

Hi
thanks for you help. I've read the Microsoft information before send you an email 

https://social.msdn.microsoft.com/Forums/en-US/da074f0f-0887-4151-88ea-19a671ed91d9/is-it-possible-to-do-true-kerberos-sso-using-rdp-?forum=os_windowsprotocols
  but in fact I haven't understood that authentication with kerberos is not 
supported with RDP.

Thomas you're right  about that

/You can check that your user credentials store contains the session 
ticket for the RDP host you are trying to connect to has been added./


Valid starting       Expires              Service principal
19/03/2018 16:44:20  20/03/2018 02:33:53 TERMSRV/hostname.domain@DOMAIN

Thanks a lot, regards
--
Christophe




Le 19/03/2018 à 15:49, Thomas Calderon a écrit :

Indeed, what you should be able to do is negotiate the NLA channel 
using Kerberos and then be prompted again for credentials.
You can check that your user credentials store contains the session 
ticket for the RDP host you are trying to connect to has been added.


Cheers,

Thomas


On Mon, Mar 19, 2018 at 2:39 PM, Bernhard Miklautz via FreeRDP-devel 
<freerdp-devel@lists.sourceforge.net 
<mailto:freerdp-devel@lists.sourceforge.net>> wrote:


    Hi,

    On Mon, Mar 19, 2018 at 02:03:56PM +0100, DELHOMME Christophe
    605228 via FreeRDP-devel wrote:
    > |xfreerdp /buildconfig [10:45:47:939] [13878:13878]
    >  ...
    > |xfreerdp /u:username /v:hostname.domain [10:47:39:253]
    > ...
    > [DEBUG][com.freerdp.core.nego] - Negotiated NLA security
    > [10:47:39:278] [14032:14033] [DEBUG][com.freerdp.core.nego] -
    > nego_security_connect with PROTOCOL_NLA [10:47:39:298] [14032:14033]
    > [DEBUG][com.winpr.utils] - Could not open SAM file! Password:|

    > I've a valid kerberos ticket and we can use RDP/SSO from Windows to
    > Windows. I'm using CentOS7 distribution
    Authentication with Kerberos isn't supported with RDP (this is not
    a FreeRDP limitation).
    The Windows single sign on is based on passing the same username and
    password credentials to the remote desktop server.

    Best regards,
    Bernhard

    
------------------------------------------------------------------------------
    Check out the vibrant tech community on one of the world's most
    engaging tech sites, Slashdot.org! http://sdm.link/slashdot
    _______________________________________________
    FreeRDP-devel mailing list
    FreeRDP-devel@lists.sourceforge.net
    <mailto:FreeRDP-devel@lists.sourceforge.net>
    https://lists.sourceforge.net/lists/listinfo/freerdp-devel
    <https://lists.sourceforge.net/lists/listinfo/freerdp-devel>







        




------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
FreeRDP-devel mailing list
FreeRDP-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freerdp-devel






















					Reply via email to