Forum / NoMachine Terminal Server Products / LDAP and NoMachine Enterprise Terminal Server
- This topic has 6 replies, 2 voices, and was last updated 2 years ago by Britgirl.
-
AuthorPosts
-
September 23, 2022 at 15:00 #40314MarkParticipant
I have configured a new machine with NoMachine Enterprise Terminal Server. For the purposes of this though, I am only using the node as a single server; it is not part of a running cluster — that would be later.
The machine resides in an AWS instance in London and has been configured to authenticate via Google Secure LDAP.I can connect to the instance using SSH and the correct username/password combination.
I noticed that I was sometimes unable to login via NoMachine – after a few days away (looking at another NoMachine installation), I circled back and captured some logs.
I ran the following command on the server in question
tail -f /var/log/messages /var/log/secure /var/log/audit/audit.log /usr/NX/var/log/*log(see images)
The command issue seems to be when nxexec is called but I am unclear how to debug this further.
Can you help?
Thanks in advance
MarkAttachments:
September 23, 2022 at 17:51 #40330BritgirlKeymasterHi,
it looks like
nexexec --auth
is timing out. Try extending the timeout in the following key available in the server.cfg file#
# Set for how long the server will wait for the authentication phase
# to be completed on the system. By default timeout is set to 30
# seconds. Increase this value when the authentication process on
# the system takes longer. This setting applies also to two-factor
# authentication.
#
#AuthorizationTimeout 30September 24, 2022 at 10:00 #40335MarkParticipantThanks, I’d already seen that
Given that ssh connections are significantly quicker and both use PAM, I wondered whether we could add additional debugging to understand why nxexec timed out so many times
September 27, 2022 at 17:13 #40389MarkParticipantI increased the timeout to 60s and increased the debug level to 7
I was still unable to login so have attached the nxserver.log file in the hope that someone in support is able to comprehend where the issue is
September 28, 2022 at 09:20 #40408BritgirlKeymasterHi, setting the key to 60s should be enough. If it’s not it could suggest something is wrong with your configuration. Additional debugging can be done but not via the forums. One of the team will contact you to provide further instructions.
September 28, 2022 at 12:02 #40416MarkParticipantThanks – I will wait for someone to contact me.
I do not believe that this will be a network issue though – as I stated, ssh connections are almost instant.
The servers are located in an AWS facility and are authenticating against Google Secure LDAP servers
September 28, 2022 at 16:13 #40427BritgirlKeymasterThanks for the additional info. Please check your inbox
-
AuthorPosts
This topic was marked as solved, you can't post.