Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 1 subscriber
  • Views 4210 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN5 User Portal: RDP Connection secured by AD Group membership

jjuergenn
Hi All,
I've configured Sophos UTM Portal-Access for authentication by AD Group membership. This works fine.

I've configrued RDP Connections on the HTML5 Portal. The Access to the RDP-Connection is protectet by AD-Group Membership (different Group as for Portal Access). However the RDP Connection does not appear for a user belong to the defined AD Group. If I add the AD user direct to the Access list, the RDP-Connection will appear. 

I am using UTM Version 9.2

What is my mistake?

REgards,
Juergen


This thread was automatically locked due to age.
  • 0
    Jürgen, what happens when you edit the AD Server Definition and test with a group ember - does the UTM show the group name?  

    Cheers - Bob

    Sorry for any short responses.  Posted from my iPhone.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Hi Bob, thanks for answer.

    I'm sorry, but what test do you mean? 
    Definitions & Users --> Authentication Services --> Servers --> Edit --> Authenticate example user (Test)   works fine. But this is only an PW test.

    Regards, Jürgen
  • 0
    Yes, that's the test, but it should show Group membership if they're configured correctly.  For example, for my user:



    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Hi Bob, yes the test pass successfull and the required Membership (in this cas RES-PORTAL-HTML5-SRV15RDS-RDP) is shown.

    However, the HTML5 Page will not appear in the user Portal.

    Regards,
     Juergen
  • 0
    However, the HTML5 Page will not appear in the user Portal.

    After I saw this, I re-read this thread.  Now it's clear to me what you were concerned about.  In fact, I think this would be a feature request.

    Unfortunately, the solution today is to sync the HTML5 RDP users from the AD to the UTM and add them to the HTML5 definition as allowed users, just as you tried initially.  I would urge you to open a support ticket on this issue just to be sure Support escalates the issue to the developers.  hen again, if they have a work-around, please share!

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    I'm also seeing this issue and found this post on my way to opening a new one. 

    I have an intranet page I'd like to publish to all User Portal users. User Portal is granted access to an AD Group: Management > User Portal > Allow all users=NO > Allowed Users > MyUserPortalADGroup

    The portal connection has the AD group under allowed users: Remote Access > HTML5 VPN Portal > IntranetHTML5PortalConnection > Allowed users (Userportal) > MyUserPortalADGroup

    If I grant access to a local user or group the connection is displayed. With the AD group defined, the connection is not displayed.


    Jurgen - did you open a feature request?
Unfiltered HTML