Forum / NoMachine for Windows / Smart Card Authentication and forwarding
- This topic has 5 replies, 3 voices, and was last updated 3 years, 10 months ago by Dawid.G.
-
AuthorPosts
-
December 23, 2020 at 12:34 #30860MacGPParticipant
Implementation:
Servers: ESXi VMWare Win 10 x64 1909 VM running NoMachine Enterprise V6.10.12_1 and V7.0.208_4
Clients: Win 10 x64 1909 running NoMachine Enterprise V6.11.2_1 and V7.0.208_5
Requirements:
1. Smart card authentication
2. Smart card reader forwarding from client to host
Issues:
Audio install fails (-536870329)
USB install fails (-1)
Smart Card Auth fails
I’ve checked out everything I can find in the forums and online but can’t seem to get this sorted out. I’ve uninstalled and re-installed numerous times. I’ve deployed a fresh Win 10 1909 VM with working audio and USB, but still can’t get NM to install properly. I’ve attached the device and install logs.
Password based AD authentication hasn’t been an issue but our users require smart card auth as it’s their only means of authenticating. I’ve implemented a workaround as I haven’t been able to find much on how to configure NM to work with smart cards for Windows in an AD environment.
USB and audio issues aside, if users can authenticate with AD using smart cards, what do I have to do to make it work with NM?
December 23, 2020 at 12:37 #30880BilbotineParticipantHi MacGP,
There was an error during the upload of logs. Can you please send them to forum[at]nomachine[dot]com, referencing the topic as subject ?
Can you also explain us how you want to use that Smart Card Authentication (a step by step description would be nice), as we wonder if the USB will be needed, or not, do achieve what you want to.
Thank you!
December 23, 2020 at 16:31 #30890MacGPParticipantInstall and device logs have been emailed. Additionally, I’ve sent the failed connection logs for smart card authentication using NX and SSH protocols.
Most users authenticate to the Windows AD Domain using their smart card, they insert their card into the reader and enter their pin.
Smart card users do not have password authentication.
Objective:
1. Users insert their smart card into a USB card reader at their workstation.
2. Users enter their pin at the logon prompt and are granted access to their Windows workstation.
3. Users launch the NoMachine Enterprise Client and connect to the NoMachine Enterprise Server.
4. Since users have no passwords, they must use a Smart Card to authenticate the remote connection.
5. Once connected to the server, the user must then authenticate again into the domain on the server, hence the need for USB forwarding.
I hope this provides some clarity into what I need to accomplish.
Thanks for taking the time to help.
January 13, 2021 at 08:49 #31240Dawid.GParticipantHello,
You may try something like this:
1. Uninstall NoMachine
2. Unregister “NoMachine USB Hub Filter” in Windows registry. You can find info about this following this link: https://www.nomachine.com/it/AR10K00732
3. Reboot
4. Install NoMachine
I hope it helps.
January 13, 2021 at 17:57 #31262MacGPParticipantThanks Dawid, I have come across that article and tried to follow all of the steps. It did not get me any closer to getting Smart Card Authentication or USB forwarding to work.
February 19, 2021 at 09:31 #32048Dawid.GParticipantIs it ok if we’d send you a debug package in order to get more detailed logs?
Please install if possible the package you’ll receive via e-mail and send us a client and the server logs you will acquire by following this article: https://www.nomachine.com/DT10O00163
It would be also great if you’d send us Event logs from the “C:\Windows\System32\winevt\Logs” directory
Thanks
-
AuthorPosts
Closed because the user did not provide further feedback. Please notify us if you confirm that it is resolved or open a new topic if you have the same problem.