Question regarding Configuring Remote Connections


Hi,

I am trying to configure RDP connections, and for the same, I found
that we can use either Windows AD or Novell eDirectory as LDAP for our
privileged accounts.

However, I am not able to find any resource/document for configuring
using Novell eDirectory. (All the documents I found listed how to use
Windows AD to configure RDP.)

Do we have to use Windows AD only for the same? Also, where can I find
any documentation/resources in depth for configuring the same?

Any help will be highly appreciated.

Regards,
Yogesh


--
yogesh09021983
------------------------------------------------------------------------
yogesh09021983's Profile: https://forums.netiq.com/member.php?userid=683
View this thread: https://forums.netiq.com/showthread.php?t=44975


  • Yogesh,

    Please see the implementation of your requirement. Hope it would help.

    www.youtube.com/watch

  • Hi RK,

    Thanks for the youtube link.

    I created an RDP rule, as shown in the video. Now when I log in to the
    rdprelay link, I see a system icon under the RDP rule. But on clicking
    that system icon, I get a blank white screen, and nothing happens.

    When checking the reports in the framework console, there is an entry
    for the connection to the remote, but when I try to view the keystroke
    replay, it says 'session is not terminated', even though I have logged
    out of the session.

    Also, in one post I read that we should install the RDPrelay package on the
    target host also. Does that mean we have to install the packages on the
    machine we are trying to access remotely? If so, please explain to me how
    to install a .PAK file (for the rdprelay package) on that machine.

    I am trying to access Windows Server 2008 remotely through RDP. Is
    rdprelay O.S. dependent?
    Please provide me more details on the same.

    Thanks and Regards,
    Yogesh




  • Yogesh,

    I see the following issues; it would be:
    - For RDPRelay, the end server need not be a PUM agent.

    If you are getting a white screen, then update your hosts files on the
    following systems:
    - Local machine from where you are starting RDP Relay, i.e., where you
    are running the browser.
    - PUM Manager where you have configured the rule for RDP Relay.

    You have to make sure that the RDPRelay package is available on the PUM Server.
    Also, when you click on the "rdprelay" link you get a pop-up for the remote which
    shows the IP or DNS name. Make sure that you are able to reach that server
    from Local.

  • Hi RK,

    I followed the steps you have mentioned, and now I am able to connect to
    the system using RDP.

    I logged into the system using RDP and then performed a few tasks, but
    now when I try to check the keystroke replay (or try to play the output)
    in the Reporting option in the framework manager, I am getting a message
    '*Invalid date*', and no output is shown
    :(.

    Also, can you please provide me any document/resource which describes the
    RDPRelay (for domain as well as non-domain servers) more elaborately?
    It will be of great help.

    Thanks and Regards,
    Yogesh




  • What is the name of your 'Account Domain'?

    We use the account domain and username to create your 'credentials' that
    are used within the rules.

    For example, my account domain looks like the following:

    host1\Administrator
    (host1 is the name of the hostname or computer name of the agent host)

    A bad example of an account domain would be:
    192.168.1.110\Administrator
    (192.168.1.110 is the IP address of the agent host, and while you might
    be able to RDP relay in with this account domain in NPUM 2.3.1, it would
    fail to audit the session due to the misconfiguration, and you'd see the
    error below.)


    I'd start by looking in the unifid.log on the 'agent' and search for the
    following messages:

    Warning, Failed to find user account details for
    192.168.1.110\Administrator
    Info, rexec auditSession client:host1 rc:0 status:404(Failed to find
    user account details) (32ms)

    If you see these errors, try changing your Account Domain name to the
    hostname. Example: host1\Administrator



    yogesh09021983;216419 Wrote:
    > Hi RK,
    >
    > I followed the steps you have mentioned. And now i am able to connect to
    > the system using RDP.
    >
    > I logged into the system using RDP, and then performed few tasks, but
    > now when i try to check the keystroke replay (or try to play the output)
    > in the Reporting option in the framework manager, i am getting a message
    > '*Invalid date*', and no output is shown
    > :(.
    >
    > Also, can you please provide me any document/resource which describe the
    > RDPRelay (for domain, as well as non domain servers) more elaborately.
    > It will be of great help.
    >
    > Thanks and Regards,
    > Yogesh



    --
    deni
    ------------------------------------------------------------------------
    deni's Profile: https://forums.netiq.com/member.php?userid=1793
    View this thread: https://forums.netiq.com/showthread.php?t=44975
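As an added example (not from this thread or from the NPUM product), a small Python check that scans unifid.log text for the two messages Deni quotes above and flags any credential whose Account Domain is an IP address rather than a hostname. The sample log lines are constructed; their exact layout and the 'status:200(OK)' success line are assumptions.

```python
import ipaddress
import re

# Constructed sample lines in the style of the unifid.log messages quoted
# in this thread; the surrounding line format is an assumption.
SAMPLE_LOG = """\
Warning, Failed to find user account details for 192.168.1.110\\Administrator
Info, rexec auditSession client:host1 rc:0 status:404(Failed to find user account details) (32ms)
Info, rexec auditSession client:host1 rc:0 status:200(OK) (18ms)
"""

# Credential in the "Failed to find user account details for DOMAIN\USER" warning
ACCOUNT_RE = re.compile(
    r"Failed to find user account details for (?P<domain>[^\\\s]+)\\(?P<user>\S+)"
)
# Audit-session result line; status 404 is the failure the post describes
STATUS_RE = re.compile(r"rexec auditSession client:(?P<client>\S+) rc:\d+ status:(?P<status>\d+)")


def is_ip_domain(domain: str) -> bool:
    """True when the Account Domain part is an IP address instead of a hostname."""
    try:
        ipaddress.ip_address(domain)
        return True
    except ValueError:
        return False


def check_unifid_log(text: str) -> dict:
    """Scan log text; collect IP-style credentials and count audit outcomes."""
    findings = {"bad_account_domains": [], "audit_failures": 0, "audit_ok": 0}
    for line in text.splitlines():
        m = ACCOUNT_RE.search(line)
        if m and is_ip_domain(m.group("domain")):
            findings["bad_account_domains"].append(f"{m.group('domain')}\\{m.group('user')}")
        s = STATUS_RE.search(line)
        if s:
            key = "audit_failures" if s.group("status") == "404" else "audit_ok"
            findings[key] += 1
    return findings


def suggest_fix(bad_credential: str, hostname: str) -> str:
    """Rewrite an IP-style credential to the hostname form recommended above."""
    _, user = bad_credential.split("\\", 1)
    return f"{hostname}\\{user}"


if __name__ == "__main__":
    result = check_unifid_log(SAMPLE_LOG)
    for cred in result["bad_account_domains"]:
        print(f"{cred} -> change Account Domain to {suggest_fix(cred, 'host1')}")
    print(result)
```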


  • Hi Deni,

    The name of my account domain is: 'novell-idm\Administrator'.

    And I am not able to find any errors (mentioned by you) in the
    unifid.logs.

    The pseudocode for my rule is as follows:

    Begin Rule: RDP_local_rule
    If ((command IN RDP_command))
    Then
    Set Authorize: yes
    Set Session Capture: yes
    Set runUser = "novell-idm\Administrator"
    Stop if authorized
    End If
    End Rule: RDP_local_rule

    I am successfully able to connect with the host using RDP, but still, on
    checking the Reporting icon and trying to play the keystroke replay,
    I am getting an 'Invalid date' message.

    Please help with any resource or documents for the RDP configuration.

    Thanks and Regards,
    Yogesh




  • Hi Deni,

    Can you also provide me any document for configuring RDP for a Windows
    server in a domain (using Active Directory), as I am not able to find
    any help on the same?

    Regards,
    Yogesh




  • Yogesh,

    It appears that your rule is configured correctly (as you are able to
    RDP); however, we are not seeing the audit data we should.

    A few questions.

    1. What version of Windows is running on novell-idm (including support
    pack)? ex: Windows 2008 R2 SP1 64bit
    2. On the host | Start | run | tsconfig.msc | On this page, what is
    the setting for 'Restrict each user to a single session'?
    3. Please send a screenshot/listing of the strfwd directory. C:\Program
    Files\novell\npum\
    4. Please the Admin GUI | Hosts | Select 'novell-idm' - take a
    screenshot, including the right hand of the page.

    I'd recommend turning on Debug logging on the agent.

    5. Login to the Admin GUI | Hosts | Select 'novell-idm' | in the left
    nav, select 'Host Log settings'. Change the logging to 'Debug' and also
    check the checkbox for 'Show all Tasks'.
    6. Reboot the agent (so there are no RDP sessions, plus it will give me
    a marker in the log for the reboot).
    7. Right after the reboot, start an RDP Relay session via the RDP Relay
    URL - do things like open Notepad and type a few characters, then log
    off.
    8. Verify you see the new session in Reporting but don't see the audit
    data - if so...
    9. Email me all the unifid.logs from the reboot until the end of the session
    (there might be rolled-over log files).
    Email the files to brett at novell dot com

    Thanks,

    Brett




  • Hi Brett,

    I am now able to see the audit logs for the RDP session.

    I am using the following machine for RDP:
    1) Windows Server 2008 R2 Datacenter, SP1, 64-bit OS

    2) On novell-idm, I checked tsconfig.msc, and the setting is:

    Restrict each user to a single session: Yes

    I have figured out that:
    1) I had not installed a PUM agent on the novell-idm machine. Once I
    installed and registered the agent on that machine, I am able to see the
    audit logs.
    Now my question is:
    Do we have to install a PUM agent on all the machines to which we want
    to connect using RDP? (I have read somewhere on the forum that we are
    not required to install any agent on the Windows machines we are trying
    to access using RDP.)

    Also, please provide me a detailed document as to how I can configure
    RDP for domain servers. It would be a great help.

    Thanks and Regards,
    Yogesh




  • Hi Brett,

    I also wanted to know:
    1) Does the communication between PUM's framework manager and the system
    connected using RDP also happen on port 29120?
    If so, if we do not have a PUM agent installed on the machine connected
    using RDP, how can we open port 29120?

    Thanks,
    Yogesh

