Forum Replies Created
-
Posts
-
Hello Armaggedon,
There are few possible reasons of problem with accessing .Xauthority file. Check if you can establish NoMachine session after following instructions for each of the listed scenarios separately.
1. The home directory is not mounted.
Start terminal ssh session to remote node host, to make sure that home directory is mounted.
2. Home directory is mounted, but SELinux is preventing access.
Follow this article to temporarily disable selinux or set it to permissive mode:
https://linuxize.com/post/how-to-disable-selinux-on-centos-7
3. The file has correct permission, but not the correct owner.
Make sure that the owner of the file is the same as user who attempts to establish NoMachine session.
4. There’s some difference in configuration between server machine and remote node machine.
Look for potential differences in /etc/pam.d directories on ETS and TSN.
Hello dhfrx,
Can you connect to the NoMachine server host using terminal ssh client? Is it possible to establish ssh session for user experiencing the problem with NX? From information gathered so far, it appears that the host is part of the domain. What exact technology do you use? Is it Windows AD, LDAP server or something else? If this is Windows AD, did you make sure that domain group policy settings like, NetworkLogonRight are properly set in domain controller? Does the problem affect all domain users or just this one specific user?
Hello dhfrx,
So now we can see that the problem is ‘access denied’ from pam_sss.
Please apply the instructions from:https://www.nomachine.com/AR12P01007
and see if this helps.
Hello dhfrx,
Please, run this command from terminal as root user:
cp /etc/pam.d/sshd /etc/pam.d/nx
Reproduce the problem and check again auth.log for nxexec entries.
Hello dhfrx,
Is your Ubuntu host part of Active Directory domain? If that’s the case, you are most likely experiencing the problem with AD Group Policy described here:
https://www.nomachine.com/AR12P01007
If that’s not the case, please check system authentication log (/var/log/auth.log) for entries referencing nxexec. Could you post auth log messages added during failed authentication attempt? You can also send them to forum[at]nomachine[dot]com.
Hello reesd,
Please update your NoMachine installations on both client and server side, to the latest NoMachine release. Supplementary groups management was improved some time ago.
Hello dstn,
Is your system configured to use dynamic home directory mounting?
Can you log on to the desktop of a different user, start terminal, su to root and execute command:/bin/bash -c “cd ~<user> 2>/dev/null && pwd”
where <user> is the name of user which you try to authenticate with key.
Does it return the proper home directory path?Hello Dinosaur,
Windows 7 by default limits the use of blank password to console login only.
You can disable this restriction using policy editor as described in this thread:https://superuser.com/questions/106917/remote-desktop-without-a-password
Hello Dinosaur,
What’s the exact output of nxplayer when you’re trying to connect to Windows? Does it say ‘Authentication failed’, or perhaps it’s stuck on spinning wheel, or perhaps something else happens?
Hello StMartin81,
Logs indicate that you’re using pam_mount module to mount user’s home directory.
Please, check this article explaining how to solve issues related to NoMachine and pam_mount:https://www.nomachine.com/AR09N00902&an=pam_mount
Let us know if this solves the problem.
Hello ifyffe,
Please, check if lsass.exe process is running in protected mode.
To do so:
1. Download and install Process Explorer using this link:
https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx
2. Start Process Explorer as Administrator.
3. Double click on lsass.exe process and check the value of ‘Protected’ in ‘Security’ tab.
Hello Jaster,
The logs you provided were not sufficient to understand the issue you’re experiencing. In order the get the better picture of what’s going on we would like you to use a version of libnxservice64.dll with additional logs enabled. Would you like to give it a try?
Hello fermulator,
The solution for the problem will be part of next NoMachine official release, which should come out in the next two-three months. Our advice to users experiencing the issue is to downgrade krb5-workstation packages for now.
Hello vnaipaul,
Although it’s possible to access NoMachine via web player, NoMachine itself is not a web application. NoMachine is meant to allow access to operating system, not just to HTTP server, so it uses authentication methods integrated with OS by default. This means that the most logical way of using NoMachine with various identity providers is by configuring system to use them. It may include installation of specific PAM modules. This also means that potential selection of identity providers should be done by OS.
Hello Hosioneh,
Perhaps there’s a connection issue between your Apple machine (M1) and your office PC (P3). Can you successfully access your second office machine (P4) using M1? When connecting to P3 from M1, do you get to the stage where you are asked for user name and password? Do you see messages containing ‘Authentication failed’ in nxerror.log on your P3 machine, appearing after failed authentication attempt?