Active directory authentication

Forum / NoMachine for Windows / Active directory authentication

  • This topic has 1 reply, 2 voices, and was last updated 3 years ago by Cato.
Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #32360
    dropbrick
    Participant

    Hi,

    I can’t seem to log in via any active directory user in the NoMachine dialog on Windows. If I use a local user in NoMachine and an AD user in Windows it works fine instead.
    I have no problem instead on MacOS and Linux, where I can use the same AD user for NoMachine and the OS login.

    Is there some extra setup to be done on Windows to make this work? (I didn’t have to do anything on MacOS and Linux)

    Not much in the logs….as far as I can tell?

    21164 16200 16:06:55 959 ExecuteNodeNXLsa: ERROR! NXLsa/exec failed and no password available.
    21164 16200 16:06:55 961 ExecuteNodeToken: ERROR! Failed to create process as user.
    21164 16200 16:06:55 961 ExecuteNodeToken: ERROR! Error is '1314'

    2021-03-11 15:55:51 198.259 24400 NXSERVER User 'AD\myuser' logged in from '192.168.1.100' using authentication method NX-password.
    2021-03-11 15:55:51 451.248 24400 NXSERVER ERROR! Cannot connect to local node.

    Thanks!

    #32513
    Cato
    Participant

    Hello dropbrick,

    It appears that ‘nx’ user doesn’t hold the privilege required for starting the nxnode process. In this case, most likely  ‘Act as part of the operating system’ is missing. This is the list of all privileges needed by ‘nx’ account:

    Act as part of the operating system
    Log on as a service
    Adjust memory quotas for a process
    Replace a process level token

    You can find all of them described here:
    https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment

    Remember that domain group policy can override local group policy settings.

Viewing 2 posts - 1 through 2 (of 2 total)

This topic was marked as solved, you can't post.