Authenticate Local Users on a Domain Member TS server

1dread11 · Jun 22, 2009

I seem to have hit a wall on publishing applications on a new test server.

Environment:

Windows 2003 Server running Terminal Services. The server is a member of the a domain. We are going to be allowing remote non-employee contractors access to this box for software development efforts. Since they are non-employees I have been directed to use local accounts as opposed to Domain accounts.

This box also has the 2X ApplicationServer & LoadBalancer software installed on it; effectively making this server everything it needs for our remote contractors.

Problem:

When these local accounts try to use the 2X applicationServer Client, they get an invalid Password or username error message. I have verified that the credentials are correct and passwords have not expired. I have also verified that the "change password on next login" option is not enabled.

Inside the 2X ApplicationServer & LoadBalancer Console I have changed Connection Settings > Publishing Agent > Authentication to authenticate explicitly with the DomainName/ServerName. I know that in the documentation it indicates to use WorkgroupName/ServerName in this field for local authentication, however since this machine is a member of the domain, I've modified the entry to make use of the DomainName/ServerName. I also noticed that the documentation uses the "/" instead of "\" that I'm used to using when dividing domain\username.... is that correct?

If I remove the option for "Always require user credentials for application list", I can launch the client just fine with no error messages, but I get no list of applications that are published to the specific users.

Application filtering is enabled by users/groups. I have browsed to the local server and added the user accounts created for these remote contractors. I have verified that filtering by IP Address and Client Name is not enabled.

I have switched the Authentication method back to the default domain, and have used my own test account in the domain, and this works like a charm, however this does not meet the requirements as laid out.

Any guidance on getting local user accounts to authenticate properly on a machine that is a member of the domain would be greatly appreciated.

zippo · Jun 30, 2009

1dread11 said:

I seem to have hit a wall on publishing applications on a new test server.

Environment:

Windows 2003 Server running Terminal Services. The server is a member of the a domain. We are going to be allowing remote non-employee contractors access to this box for software development efforts. Since they are non-employees I have been directed to use local accounts as opposed to Domain accounts.

This box also has the 2X ApplicationServer & LoadBalancer software installed on it; effectively making this server everything it needs for our remote contractors.

Problem:

When these local accounts try to use the 2X applicationServer Client, they get an invalid Password or username error message. I have verified that the credentials are correct and passwords have not expired. I have also verified that the "change password on next login" option is not enabled.

Inside the 2X ApplicationServer & LoadBalancer Console I have changed Connection Settings > Publishing Agent > Authentication to authenticate explicitly with the DomainName/ServerName. I know that in the documentation it indicates to use WorkgroupName/ServerName in this field for local authentication, however since this machine is a member of the domain, I've modified the entry to make use of the DomainName/ServerName. I also noticed that the documentation uses the "/" instead of "" that I'm used to using when dividing domain\username.... is that correct?

If I remove the option for "Always require user credentials for application list", I can launch the client just fine with no error messages, but I get no list of applications that are published to the specific users.

Application filtering is enabled by users/groups. I have browsed to the local server and added the user accounts created for these remote contractors. I have verified that filtering by IP Address and Client Name is not enabled.

I have switched the Authentication method back to the default domain, and have used my own test account in the domain, and this works like a charm, however this does not meet the requirements as laid out.

Any guidance on getting local user accounts to authenticate properly on a machine that is a member of the domain would be greatly appreciated.
Click to expand...

Try to use all trusted domains, then on the client use the following username format user@domian, in your case i think you just need the username

cheers

Log in

Authenticate Local Users on a Domain Member TS server

1dread11 Guest

zippo Pro

Share This Page

Log in

Useful Searches

Authenticate Local Users on a Domain Member TS server

1dread11 Guest

zippo Pro

Share This Page