This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Prohibit NTLM machine login

Hi,

can anybody tell me how to prohibit the login of windows machine accounts?

My problem is the following:

For some reason, some users login into XG via NTLM with there user-account and machine-account too.

But the machine-account has no right to access the WAN, an error message is displayed and the user is unable to access the internet.

In my understanding every individual that tries to login is checked against the avaiable authentication servers and if there is a match but no group inside the XG, the user is mapped into the "Open Group". In my case, the computer/machine-accounts are going here.

The used LDAP-authentication is pointed to the root tree of AD structure, not to a specific folder.

EDIT:

As I found this KB atricle, it descibes my problem, but the part with "Once the user logs in, the Machine Name is replaced by the username." is wrong, it doenst't happen.

This thread was automatically locked due to age.

Parents

0 M8ey over 7 years ago

What happens if you go to Configure / Network and Untick NTLM for LAN

I get the same issue on my XG but not often.
Cancel
Vote Up 0 Vote Down

Cancel
0 Mr.Roboto over 7 years ago in reply to M8ey

Good idea, but there are linux machines and a few windows machines that are using kerberos.

And the NTLM checkbox, so I remember, controls kerberos too.

And the moment we're fixing the problems by rolling out the client auth agent, but at all - this is not satisfying.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Mr.Roboto over 7 years ago in reply to M8ey

Good idea, but there are linux machines and a few windows machines that are using kerberos.

And the NTLM checkbox, so I remember, controls kerberos too.

And the moment we're fixing the problems by rolling out the client auth agent, but at all - this is not satisfying.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data