Posts: 4
Threads: 1
Joined: Mar 2014
Reputation:
0
Hi all,
we are using ASG-Remote Desktop in our environment to connect to numerous clients (Windows and UNIX based).
We have version 7.3.4144.0
Today we reconized a strange behaviour of this tool.
As we are working for customers, we have multiple domains in place. One is for our workstations and to authenticate to ASG Remote Desktop database.
On some of our clients, we detected a failure login with the user account used for ASG-Remote Desktop database. But this account, even the domain is not known by these clients.
Well, why does ASG-Remote Desktop using the database account to crawl information from the clients and not the one which is set for login?
Anyway we already detected the setting "refresh for connection information" setting is responsible for those logins. If we set this setting to "never" the failure logins disappear.
But we want to know why ASG-RM is using the database account.
Could you please help me out with this?
Thanks in advance!
Posts: 10,628
Threads: 91
Joined: Aug 2006
Reputation:
181
The software is not really using the database accounts - but if a request for session information is send to any computer this will be done by the users active windows account - there is always more than 1 attempt for getting the session information (we tried to find out why, but we can't look into the code from Microsoft :-) - so you will have some failures with your "windows account" and afterwards you will get the information by using the one that are assigned to the computer - but we can't change that, it is by design from MS :-)
Regards/Gruss
Oliver
Posts: 4
Threads: 1
Joined: Mar 2014
Reputation:
0
13-03-2014, 02:28 PM
(This post was last modified: 13-03-2014, 02:29 PM by Luke.)
Hi Oliver,
thanks for your quick response.
Well this is unfortunately unsifficient. We really like this feature but have to disable the "tries" with the Windows account "we are using the same for database connection).
Could you please specify this functinality, why it is using the Windows logon account in first stage? Due to our security agreements, we have to monitor security logs and get always informations about the wrong logins.
Furthermore, you mention, that this is by Microsoft design. Is ASG-RM using an internal feature of windows to get such data?
Posts: 10,628
Threads: 91
Joined: Aug 2006
Reputation:
181
It it a WTS-API call from a Microsoft component - so we can't change the behavior - you are not the first one who is asking - but we do not have any other solution for it...
Regards/Gruss
Oliver
Posts: 4
Threads: 1
Joined: Mar 2014
Reputation:
0
Thanks a lot Oliver!
Sorry for beeing insistent. I was looging for your mentioned API, and from my point of view it should actually be possible to provide login credentials for calling the API.
I understand your position, that there is currently no solution to fix this, but could you manage to take care of this concern for the next release of ASG-RM?
Would be much appreciated!
Posts: 10,628
Threads: 91
Joined: Aug 2006
Reputation:
181
I will take this issue into my task list...
It is not only one call - there are a few requests, connecting to the server, getting sessions, getting user information, ... I did debug that in the past and we are currently calling the API with credentials - but at the moment I can't do all the stuff again - I will have a closer look when I will work on this issue... (the dll that is used is mpr.dll)
Regards/Gruss
Oliver
Posts: 1
Threads: 0
Joined: Nov 2016
Reputation:
0
Hi, sorry to bring up this old topic. I understand there is not yet a fix for this issue, but from the initial post I read that this user was able to suppress the message on clients by selecting: 'refresh for connection information' to off.
I cannot find this setting in ASG-RemoteDesktop 2016, also searched the help file. Can you please point me in the right direction?
Thanks!
Posts: 10,628
Threads: 91
Joined: Aug 2006
Reputation:
181
Settings=>Connections=>Refresh interval of session information
Regards/Gruss
Oliver