Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
ASG-Remote Desktop connects to clients using database account
#1
Hi all,

we are using ASG-Remote Desktop in our environment to connect to numerous clients (Windows and UNIX based).
We have version 7.3.4144.0

Today we reconized a strange behaviour of this tool.

As we are working for customers, we have multiple domains in place. One is for our workstations and to authenticate to ASG Remote Desktop database.

On some of our clients, we detected a failure login with the user account used for ASG-Remote Desktop database. But this account, even the domain is not known by these clients.
Well, why does ASG-Remote Desktop using the database account to crawl information from the clients and not the one which is set for login?

Anyway we already detected the setting "refresh for connection information" setting is responsible for those logins. If we set this setting to "never" the failure logins disappear.
But we want to know why ASG-RM is using the database account.

Could you please help me out with this?

Thanks in advance!
Reply
#2
The software is not really using the database accounts - but if a request for session information is send to any computer this will be done by the users active windows account - there is always more than 1 attempt for getting the session information (we tried to find out why, but we can't look into the code from Microsoft :-) - so you will have some failures with your "windows account" and afterwards you will get the information by using the one that are assigned to the computer - but we can't change that, it is by design from MS :-)
Regards/Gruss
Oliver
Reply
#3
Hi Oliver,

thanks for your quick response.
Well this is unfortunately unsifficient. We really like this feature but have to disable the "tries" with the Windows account "we are using the same for database connection).
Could you please specify this functinality, why it is using the Windows logon account in first stage? Due to our security agreements, we have to monitor security logs and get always informations about the wrong logins.
Furthermore, you mention, that this is by Microsoft design. Is ASG-RM using an internal feature of windows to get such data?
Reply
#4
It it a WTS-API call from a Microsoft component - so we can't change the behavior - you are not the first one who is asking - but we do not have any other solution for it...
Regards/Gruss
Oliver
Reply
#5
Thanks a lot Oliver!

Sorry for beeing insistent. I was looging for your mentioned API, and from my point of view it should actually be possible to provide login credentials for calling the API.
I understand your position, that there is currently no solution to fix this, but could you manage to take care of this concern for the next release of ASG-RM?
Would be much appreciated!
Reply
#6
I will take this issue into my task list...

It is not only one call - there are a few requests, connecting to the server, getting sessions, getting user information, ... I did debug that in the past and we are currently calling the API with credentials - but at the moment I can't do all the stuff again - I will have a closer look when I will work on this issue... (the dll that is used is mpr.dll)
Regards/Gruss
Oliver
Reply
#7
Thanks Oliver!
Reply
#8
Hi, sorry to bring up this old topic. I understand there is not yet a fix for this issue, but from the initial post I read that this user was able to suppress the message on clients by selecting: 'refresh for connection information' to off.

I cannot find this setting in ASG-RemoteDesktop 2016, also searched the help file. Can you please point me in the right direction?

Thanks!
Reply
#9
Settings=>Connections=>Refresh interval of session information
Regards/Gruss
Oliver
Reply




Users browsing this thread: 1 Guest(s)