
Question regarding Configuring Remote Connections


Hi,

I am trying to configure RDP connections, and for the same, I found
that we can use either Windows AD or Novell eDirectory as LDAP for our
privileged accounts.

However, I am not able to find any resource/document for configuring
using Novell eDirectory. (All the documents I found listed how to use
Windows AD to configure RDP.)

Do we have to use Windows AD only for the same? Also, where can I find
any in-depth documentation/resources for configuring the same?

Any help will be highly appreciated.

Regards,
Yogesh


--
yogesh09021983
------------------------------------------------------------------------
yogesh09021983's Profile: https://forums.netiq.com/member.php?userid=683
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


Yogesh,

Please see an implementation of your requirement. Hope it helps.

http://www.youtube.com/watch?v=h-P3m8Coo1o&feature=youtu.be

Regards,
RK


--
rajeshemailto
------------------------------------------------------------------------
rajeshemailto's Profile: https://forums.netiq.com/member.php?userid=196
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


Hi RK,

Thanks for the youtube link.

I created an RDP rule, as shown in the video. Now when I log in to the
rdprelay link, I see a system icon under the RDP rule. But on clicking
that system icon, I get a blank white screen, and nothing happens.

When checking the reports in the framework console, there is an entry
for the connection to the remote, but when I try to view the keystroke
replay, it says 'session is not terminated', even though I have logged
out of the session.

Also, in one post I read that we should install the RDPrelay package on the
target host also. Does that mean we have to install the packages on the
machine we are trying to access remotely? If so, please explain to me how
to install a .PAK file (for the rdprelay package) on that machine.

I am trying to access Windows Server 2008 remotely through RDP. Is
rdprelay O.S. dependent?
Please provide me more details on the same.

Thanks and Regards,
Yogesh


--
yogesh09021983
------------------------------------------------------------------------
yogesh09021983's Profile: https://forums.netiq.com/member.php?userid=683
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


Yogesh,

I see the following issues it could be:
- For RDPRelay, the end server need not be a PUM agent.

If you are getting a white screen then update your hosts files on the
following systems:
- Local machine from where you are starting RDP Relay, i.e., where you
are running the browser.
- PUM Manager where you have configured the rule for RDP Relay.

You have to make sure that the RDPRelay package is available on the PUM Server.
Also, when you click on the "rdprelay" link you get a pop-up for the remote which
shows the IP or DNS name. Make sure that you are able to reach that server
from both the Local machine and the PUM server, and that Remote Desktop is
enabled for the Local Account which you have configured in PUM Command Control.

Hope it helps!
RK


--
rajeshemailto
------------------------------------------------------------------------
rajeshemailto's Profile: https://forums.netiq.com/member.php?userid=196
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


Hi RK,

I followed the steps you have mentioned. And now I am able to connect to
the system using RDP.

I logged into the system using RDP, and then performed a few tasks, but
now when I try to check the keystroke replay (or try to play the output)
in the Reporting option in the framework manager, I am getting a message
'*Invalid date*', and no output is shown
:(.

Also, can you please provide me any document/resource which describes the
RDPRelay (for domain, as well as non-domain servers) more elaborately.
It will be of great help.

Thanks and Regards,
Yogesh


--
yogesh09021983
------------------------------------------------------------------------
yogesh09021983's Profile: https://forums.netiq.com/member.php?userid=683
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


What is the name of your 'Account Domain'?

We use the account domain and username to create your 'credentials' that
are used within the rules.

For example, my account domain looks like the following:

host1\Administrator
(host1 is the name of the hostname or computer name of the agent host)

A bad example of an account domain would be:
192.168.1.110\Administrator
(192.168.1.110 is the IP address of the agent host and while you might
be able to rdp relay in with this account domain in NPUM 2.3.1, it would
fail to audit the session, due to the misconfiguration and you'd see the
error below.)


I'd start by looking in the unifid.log on the 'agent' and searching for the
following messages:

Warning, Failed to find user account details for 192.168.1.110\Administrator
Info, rexec auditSession client:host1 rc:0 status:404(Failed to find user account details) (32ms)

If you see these errors, try changing your Account Domain name to the
hostname. example: host1\Administrator



yogesh09021983;216419 Wrote:
> Hi RK,
>
> I followed the steps you have mentioned. And now I am able to connect to
> the system using RDP.
>
> I logged into the system using RDP, and then performed a few tasks, but
> now when I try to check the keystroke replay (or try to play the output)
> in the Reporting option in the framework manager, I am getting a message
> '*Invalid date*', and no output is shown
> :(.
>
> Also, can you please provide me any document/resource which describes the
> RDPRelay (for domain, as well as non-domain servers) more elaborately.
> It will be of great help.
>
> Thanks and Regards,
> Yogesh



--
deni
------------------------------------------------------------------------
deni's Profile: https://forums.netiq.com/member.php?userid=1793
View this thread: https://forums.netiq.com/showthread.php?t=44975
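
A log check for the symptom described in the post above, as an added example (not part of the original thread and not NetIQ code): it scans unifid.log-style lines for the two messages quoted there and flags account domains that are IP literals instead of host names. The sample lines are constructed, and the function names and the assumption that any prefix before the message text can be ignored are this example's own.

```python
import ipaddress
import re

# Message shapes copied from the two unifid.log lines quoted in the post above.
# Assumption: any timestamp or prefix before the message text can be ignored.
LOOKUP_FAIL = re.compile(
    r"Warning, Failed to find user account details for\s+"
    r"(?P<domain>[^\\\s]+)\\(?P<user>\S+)")
AUDIT_FAIL = re.compile(
    r"Info, rexec auditSession client:(?P<client>\S+) rc:-?\d+ "
    r"status:404\((?P<reason>[^)]*)\)")


def is_ip_literal(value):
    """True if the account domain is an IP address rather than a host name."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def scan_unifid_log(lines):
    """Return one finding per failed account lookup or 404 auditSession line."""
    findings = []
    for lineno, line in enumerate(lines, start=1):
        m = LOOKUP_FAIL.search(line)
        if m:
            findings.append({"line": lineno, "kind": "account_lookup_failed",
                             "account": m["domain"] + "\\" + m["user"],
                             "domain_is_ip": is_ip_literal(m["domain"])})
            continue
        m = AUDIT_FAIL.search(line)
        if m:
            findings.append({"line": lineno, "kind": "audit_session_404",
                             "client": m["client"], "reason": m["reason"]})
    return findings


# Constructed sample: lines 2-3 reuse the quoted messages, 1 and 4 are made up.
SAMPLE_LOG = [
    "Info, constructed line unrelated to auditing",
    "Warning, Failed to find user account details for 192.168.1.110\\Administrator",
    "Info, rexec auditSession client:host1 rc:0 status:404(Failed to find user account details) (32ms)",
    "Warning, Failed to find user account details for host9\\svc_backup",
]

if __name__ == "__main__":
    print(*scan_unifid_log(SAMPLE_LOG), sep="\n")
```

A finding with `domain_is_ip` set to true corresponds to the misconfiguration described in the post; a lookup failure with a host-name domain needs a different explanation.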


Re: Question regarding Configuring Remote Connections


Hi Deni,

The name of my account domain is: 'novell-idm\Administrator'.

And I am not able to find any errors (mentioned by you) in the
unifid.logs.

The pseudocode for my rule is as follows:

Begin Rule: RDP_local_rule
    If ((command IN RDP_command))
    Then
        Set Authorize: yes
        Set Session Capture: yes
        Set runUser = "novell-idm\Administrator"
        Stop if authorized
    End If
End Rule: RDP_local_rule

I am successfully able to connect with the host using RDP, but still, on
checking the Reporting icon and trying to play the keystroke replay,
I am getting an 'Invalid date' message.

Please help with any resource or documents for the RDP configuration.

Thanks and Regards,
Yogesh


--
yogesh09021983
------------------------------------------------------------------------
yogesh09021983's Profile: https://forums.netiq.com/member.php?userid=683
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


Hi Deni,

Can you also provide me any document for configuring RDP for a Windows
server in a domain (using Active Directory), as I am not able to find
any help on the same.

Regards,
Yogesh


--
yogesh09021983
------------------------------------------------------------------------
yogesh09021983's Profile: https://forums.netiq.com/member.php?userid=683
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


Yogesh,

It appears that your rule is configured correctly (as you are able to
RDP); however, we are not seeing the audit data we should.

A few questions.

1. What version of Windows is running on novell-idm (including support
pack)? ex: Windows 2008 R2 SP1 64bit
2. On the host | Start | run | tsconfig.msc | On this page, what is
the setting for 'Restrict each user to a single session'?
3. Please send a screenshot/listing of the strfwd directory. C:\Program Files\novell\npum\
4. In the Admin GUI | Hosts | Select 'novell-idm' - please take a
screenshot, including the right hand of the page.

I'd recommend turning on Debug logging on the agent.

5. Log in to the Admin GUI | Hosts | Select 'novell-idm' | in the left
nav, select 'Host Log settings'. Change the logging to 'Debug' and also
check the checkbox for 'Show all Tasks'.
6. Reboot the agent (so there are no RDP sessions, plus it will give me
a marker in the log for the reboot)
7. Right after the reboot, start an RDP Relay session via the RDP relay
URL - do things like open notepad and type a few characters, then log
off.
8. Verify you see the new session in Reporting, but don't see the audit
data - if so...
9. Email me all the unifid.logs from reboot until the end of the session
(there might be rolled over log files)
Email the files to brett at novell dot com

Thanks,

Brett


--
deni
------------------------------------------------------------------------
deni's Profile: https://forums.netiq.com/member.php?userid=1793
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


Hi Brett,

I am now able to see the audit logs for the RDP session.

I am using the following machine for RDP:
1) Windows Server 2008 R2 Datacenter
SP1
64 bit OS

2) On novell-idm, I checked tsconfig.msc
and the setting is:

Restrict each user to a single session: Yes

I have figured out that:
1) I had not installed a PUM agent on the novell-idm machine. Once I
installed and registered the agent on that machine, I am able to see the
audit logs.
Now my question is:
Do we have to install a PUM agent on all the machines to which we want
to connect using RDP? (I have read somewhere on the forum that we do
not need to install any agent on the Windows machines we are trying
to access using RDP.)

Also, please provide me a detailed document on how I can configure
RDP for domain servers. It would be a great help.

Thanks and Regards,
Yogesh


--
yogesh09021983
------------------------------------------------------------------------
yogesh09021983's Profile: https://forums.netiq.com/member.php?userid=683
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


Hi Brett,

I also wanted to know:
1) Does the communication between PUM's framework manager and the system
connected using RDP also happen on port 29120?
If so, and we do not have a PUM agent installed on the machine connected
using RDP, how can we open port 29120?

Thanks,
Yogesh


--
yogesh09021983
------------------------------------------------------------------------
yogesh09021983's Profile: https://forums.netiq.com/member.php?userid=683
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


All Agent communication happens on port 29120 (regardless of platform).
(audit, etc.)

The RDP relay manager also uses port 3389 for RDP.

- Brett


--
deni
------------------------------------------------------------------------
deni's Profile: https://forums.netiq.com/member.php?userid=1793
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


Yogesh,

Yes, it is required to install the Windows Agent on the hosts if you
want to audit the session. If something is contradictory in the forums,
it is incorrect.

As for your questions about RDP for Domain servers, you just need to
create a Privileged Account Domain for your AD hosts.

Creating Privileged Accounts Domains for Active Directory (AD) hosts

1. Home | Command Control | Privileged Accounts | from the task menu on
the left, select 'Add Account Domain'
2. Creating Account Domain
◦ Insert desired 'Name' – ex: Should be your AD Domain name
◦ Change 'Type' to 'LDAP'
◦ Select 'Profile' of 'Windows Active Directory'
◦ Insert 'LDAP URL' - ex: IP address of the host
◦ Select 'Lookup' button (should pull in your Base DN ex:
DC=pumad,DC=com)
◦ Insert desired 'Account' – ex: Administrator
◦ Insert Account Password
◦ Finish

Then use this within an RDP rule (from the credentials drop-down, use
the AD\Administrator credentials you just created above).

Hope that helps.

-Brett


--
deni
------------------------------------------------------------------------
deni's Profile: https://forums.netiq.com/member.php?userid=1793
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


Thanks Deni..

The steps provided by you were really helpful!!!!

Thanks again.

Regards,
Yogesh


--
yogesh09021983
------------------------------------------------------------------------
yogesh09021983's Profile: https://forums.netiq.com/member.php?userid=683
View this thread: https://forums.netiq.com/showthread.php?t=44975


Re: Question regarding Configuring Remote Connections


Hi Brett,

I am facing a new problem. In the framework manager, under the reporting
tab, on viewing the command control reports, and checking the keystroke
replay, the commands are not coming in the color-coded way. Also the
options 'Show audited commands' and 'Show profile command' checkboxes
are disabled.

Please let me know, how to get the command control reports in a
color-coded manner, and how can these options be enabled.

I am mailing you the screenshots for the same at : brett at novell dot
com

I'll be mailing you from the following mailing ID: mansi.t@tcs.com

Thanks and Regards,
Yogesh


--
yogesh09021983
------------------------------------------------------------------------
yogesh09021983's Profile: https://forums.netiq.com/member.php?userid=683
View this thread: https://forums.netiq.com/showthread.php?t=44975
