Cato

Forum Replies Created

Viewing 15 posts - 106 through 120 (of 154 total)
  • Author
    Posts
  • in reply to: Authenticate NX server with Winbind (Redhat) #15377
    Cato
    Participant

    Hello elad.azary,

    When you authenticate using SSH from terminal, is it Kerberos authentication or public-key authentication?

    If you used public-key authentication with terminal SSH client so far, please try Kerberos authentication to check if it’s not just Winbind configuration issue.

    Cato
    Participant

    Hello antonioking,

    Please follow these instructions to help us understand your issue:

    1. Open terminal on your Mac OS X host on some other non-root account. Check if ‘su <problematic_user_name>’ command
    works correctly.

    2. Recreate the issue, and collect sever-side logs from Mac host according to

    https://www.nomachine.com/DT07M00098#2

    In terminal, from root account run: ‘grep nxexec /var/log/system.log > nxexec.log’.
    Send NoMachine server logs and nxexec.log file to forum[at]nomachine[dot]com.

    in reply to: Can connect one way but not the other #14946
    Cato
    Participant

    Hello RiTides,

    Please, check if lsass.exe process is running in protected mode.

    To do so:

    1. Download and install Process Explorer using this link:

    https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx

    2. Start Process Explorer as Administrator.

    3. Double click on lsass.exe process and check the value of ‘Protected’.

    If lsass is NOT working in protected mode gather the logs using this instructions:

    https://www.nomachine.com/DT07M00098

    and send them to forum[at]nomachine[dot]com.

    If lssass is working in protected mode, you can completely uninstall Avast antivirus, or you can try to use alternative antivirus software. From what we know, NoMachine works fine with AVG antivirus when ‘Disable antivirus self protection’ option is used.

    in reply to: Service starts and stops directly after the start #14461
    Cato
    Participant

    Hello jmartinze,

    Please, make sure that you performed system reboot after installation.

    If the problem still persists:

    1. Gather NoMachine logs using this guide: https://www.nomachine.com/DT07M00098.

    2. Check the value of ‘HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa’
    registry key.

    3. Check if ‘nxlsa’ module is loaded correctly using Process Explorer:

    – Download and install package from https://technet.microsoft.com/pl-pl/sysinternals/processexplorer.

    – Start Process Explorer as Administrator.

    – Click on ‘Find’ and ‘Find handle or DLL’. Type ‘nxlsa’ in search box.

    If the module is correctly loaded, search result will show that module belongs to ‘lsass.exe’ process.

    Send logs, value of registry key and result of ‘nxlsa’ query to forum[at]nomachine[dot]com.

    in reply to: Unable to connect to NoMachine #14376
    Cato
    Participant

    Hello Joel9576,

    I suspect that default user profile on your host might be corrupted. You can try to create few user accounts and check if it’s possible to login on their desktops. If you experience any problems, please refer to this Stack Overflow thread:

    https://superuser.com/questions/947398/cant-login-with-new-local-users-in-windows-10

    in reply to: Unable to connect to NoMachine #14291
    Cato
    Participant

    Hello Joel9576,

    We provided you with patched version fixing issue with unavailable descriptor, described in this thread: https://www.nomachine.com/forums/topic/error-descriptor-fd_____-not-available

    In logs you recently sent we found another issue. It’s not possible to obtain home directory for ‘nx’ user. In past such problem occurred when Windows hosts were part of Active Directory and NoMachine was installed on Domain Controlled (Windows Server). Is this a case in your setup? Can you uninstall NoMachine on Domain Controller and reinstall NoMachine on hosts on which you experience problems?

    in reply to: Windows reboots – critical error in lsass.exe? #14205
    Cato
    Participant

    Hello piotr,

    We can try to extract more information from memory dumps generated during lsass.exe crash. You should be able to find them in ‘C:/Windows/Minidump/‘. We’re interested in recent *dmp file.

    Please contact us via email at forums[at]nomachine[dot]com on details about uploading memory dump. Include link to forum thread in subject.

    In the meantime, you can uninstall nxlsa module, if you don’t need server’s functionalities.
    This command needs to be executed with Administrator’s rights:

    \bin\nxservice64.exe –uninstall nxlsa

    Problems with lsass should be gone after reboot.

    in reply to: Changes disabled #14174
    Cato
    Participant

    Hello chiamarc,

    Please gather client side logs after failed authentication attempt, following these instructions:

    https://www.nomachine.com/DT07M00098

    It would also be helpful to see the content of ‘/etc/pam.d’ directory.
    Send logs and tar archive of ‘/etc/pam.d’ to forums[at]nomachine[dot]com.

    in reply to: Service starts and stops directly after the start #14165
    Cato
    Participant

    Hello,

    Please, check thread:

    https://www.nomachine.com/forums/topic/nomachine-not-starting

    and verify if you’re experiencing:

    https://www.nomachine.com/TR03O07676

    in reply to: Unable to connect to NoMachine #14108
    Cato
    Participant

    Hello Joel9576,

    Please make sure that you started ProcessExplorer as Administrator, when it’s launched without rights elevation it doesn’t correctly report protection mode.
    In case you rule out protection level as potential source of problems, send us server-side logs gathered according to these instructions:

    https://www.nomachine.com/DT07M00098

    Send them to forum[at]nomachine[dot]com

    in reply to: NoMachine not starting #14107
    Cato
    Participant

    Hello esan123,

    We created trouble report for your issue:

    https://www.nomachine.com/TR03O07676

    We’re intensively working on solution, you can follow the state of TR.

    in reply to: NoMachine not starting #14079
    Cato
    Participant

    Hello esan123,

    What kind of antimalware software do you use, if any? We’re aware of problems with NoMachine when lsass.exe system service runs in protected mode which is often enabled by installation of antimalware applications.

    To verify that this happens in your case:

    1. Download and install Process Explorer using this link:

     https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx

    2. Start Process Explorer as Administrator.

    3. Double click on lsass.exe process anc check the value of ‘Protected’

    Cato
    Participant

    Hello milosg,

    We need logs from your NoMachine server machine. Please, use these instructions:
    https://www.nomachine.com/DT07M00098, and send them to forum[at]nomachine[dot]com.

    Excerpts which were provided by you suggest that NoMachine fails to start nxnode process, because it can’t validate user. If you use some specific technology for user management, like LDAP or Active Directory, it’s possible that you need to adjust ‘/etc/nsswitch.conf’ file to include alternative sources of user information.

    in reply to: Pam_sss (nx:account): Access denied for user #13809
    Cato
    Participant

    Hello basmati,

    As you noted, authentication succeeds, login fails at account validation. If you are authenticating against Active Directory it’s worth checking security settings on Domain Controller. Perhaps user or one of groups to which user belongs is denied logon to host.

    You can also try to replace content of /etc/pam.d/nx with content of /etc/pam.d/sshd. It appears to me that sshd PAM configuration might not include pam_sss in account stack. If this is the case, be aware that some account management functionalities, like password reset, won’t be present any more.

    in reply to: Where do I set the path to nxclient working directory? #13491
    Cato
    Participant

    Hello barth,

    Your issue could be solved in two ways:

    1. Allowing access of nxnode process to user’s home directory.

    2. Using alternative location for ‘.nx’ directory.

    First method:

    We need to establish why nxnode is denied access. Are you using AFS, NFS or any other specific file system? You stated that directory is not accessible by root. This shouldn’t matter because nxnode process runs on behalf of connected user. The only exception is when session is started for root himself. In such case nxnode runs impersonating nx user. If you use AFS perhaps you experience this bug:

    https://www.nomachine.com/TR10N07275

    Check if updating NoMachine helps.

    Second method:

    We’ve got feature allowing to configure ‘.nx’ directory location:

    https://www.nomachine.com/FR01E01592&fn=UserNXDirectoryPath

    Note: In article USER_NX_DIRECTORY_PATH key is mentioned, the proper key name is UserNXDirectoryPath.

Viewing 15 posts - 106 through 120 (of 154 total)