hi you should verify the order in the pam configuration of your server. pam_mkhomedir must be called early to create $HOME with credentials, for example at auth level. which part is responsible for creating/filling $HOME/.vnc/sessman_$USER_password ?
Emmanuel Le vendredi 31 août 2012 10:35:42, Lawrence R. Rogers a écrit : > Folks: > > We are using Xrdp on Fedora 17 for a project and have noticed the following: > > 1. We are authenticating users using Active Directory – this works fine. > Note that this is not an AD problem as local accounts have the same problem > (noted below). 2. We automatically create home directory when a user logs > in for the first time. 3. When a user logs in to Xrdp with their AD > credentials, their home directory is not yet created so sharing the VNC > keys using $HOME/.vnc/sessman_$USER_password cannot be successful. > > I've used strace to see what's going on and indeed I can see where Xvnc is > started pointing at the user's key and then later the home directory > created with /sbin/mkhomedir_helper. > > What we've done as a workaround is to ask our users to ssh into the machine > in question first to create the home directory, then use an RDP client to > attach to the machine. I'm hoping that the ssh step can be eliminated by > restructuring the Xrdp code, and if you believe that to be the case, I'd > like your help. > > Thanks for your time! > > Larry Rogers > > [cid:2497298F-C900-4C26-925A-9C589B590626] > > CERT Certified Computer Security Incident Handler > GIAC Certified Forensics Analyst > > CERT* Program > Software Engineering Institute > Carnegie Mellon University > 4500 Fifth Avenue > Pittsburgh, PA 15213 > > KeyID: 0x16441F81 (RSA) > Fingerprint: C851 9DA0 0BC8 2B6F E0C4 DB15 CF3B 92D4 > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x16441F81 > > KeyID: 0xF8546B01 (DSA) > Fingerprint: 002C B634 E913 9EF1 EEE3 8B4F 8313 51B0 F854 6B01 > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF8546B01 > > * CERT is registered in the U.S. Patent and > Trademark Office by Carnegie Mellon University. -- IUT R.Schuman Université de Strasbourg ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ xrdp-devel mailing list xrdp-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xrdp-devel
