User whitelist/blacklist on Windows machine

Forum / NoMachine for Windows / User whitelist/blacklist on Windows machine

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #48844
    bsammon
    Participant

    Is it possible to control which users can log in to my Windows machine via NoMachine?  The computer has a number of user accounts, but I only want a subset of those users to have remote(-via-NoMachine) access.

    In my searches, I’ve found an article that seems to suggest that this can be controlled via Active Directory settings (which wouldn’t be applicable in my case) and some references to a “users DB”.

    This seems like it would be a FAQ, but I haven’t found much — is there a document I’ve missed?

    I’m running NoMachine v7 — would this be easier/better with NoMachine 8?

    Does the answer depend a lot on which version of Windows I’m running?

    #48865
    Britgirl
    Keymaster

    Yes, it’s possible, in version 8, and version 7, by using the “EnableUserDB 1” key in the server.cfg file of the host you are connecting to. Before I explain how to do it, I want to mention first what is coming with NoMachine 9 which you might be interested in. NoMachine Network, which will remove the need to know the remote computer’s IP address and simplify connecting over the Internet (so no port-forwarding required), will allow you to configure which users can access the remote host, so what you call a “whitelist”. It’s a very straightforward way for users to limit access to specific users who connect using NoMachine Network.

    Connecting to a remote host using its IP, the following method of enabling and restricting access remains as explained below.

    All commands and edits to the server.cfg file must be executed with administrator privileges. Ensure you open your Command Prompt or PowerShell as an administrator when performing these actions.

    1. Enable User Database
    On the remote Windows where NoMachine is installed, edit server.cfg and set the following parameter:
    EnableUserDB 1

    2. Add Users to the “whitelist”
    To enable access for specific users, use the following command:
    %ALLUSERSPROFILE%\NoMachine\nxserver\nxserver.exe --useradd

    3. Verify Allowed Users
    To check the list of users who have been granted access, run the following command:
    %ALLUSERSPROFILE%\NoMachine\nxserver\nxserver.exe --userlist

    4. Disable Access for a User
    To disable access for an existing user, execute the following command:
    %ALLUSERSPROFILE%\NoMachine\nxserver\nxserver.exe --userdisable

    We will improve our KB with an appropriate FAQ which targets free edition users. For the moment you can read more about this in any of the Enterprise guides: https://kb.nomachine.com/DT10R00171.

Viewing 2 posts - 1 through 2 (of 2 total)

This topic was marked as solved, you can't post.