Forum Replies Created
-
Posts
-
Hello dorkvader,
In reply to your last message, When NoMachine (server) is installed on an Active Directory Domain controller, the nxserver doesn’t start when the machine is rebooted. A symptom of this is that the !M icon is not present in the system tray.
This problem occurs when the nxservice starts before the Active Domain controller service and therefore NoMachine is unable to correctly impersonate the nx user.
To avoid that nxservice is started before the AD service
1)open the registry editor as administrator (redegit.exe in Power Shell). 2) Find this key:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nxservice
3) and add the following string key:
Name: DependOnService
Value: NTDS
4)Save and restart windows.Hello,
It’s a bit strange as no any issue relates to the nx processes.
Please try the following commands, maybe it will show some NoMachine related processes errors :
Get-WinEvent -LogName “Application” | Where-Object { $_.LevelDisplayName -eq “Error” -and $_.Message -like “*nx*“}
Get-WinEvent -LogName “System” | Where-Object { $_.LevelDisplayName -eq “Error” -and $_.Message -like “*nx*“}
thanks
Please check the Windows event viewer in the Application and System section. The events we are interested in are those which start with nx*, in particular nxexec.exe, nxservice.exe, nxserver.exe, nxlsa.dll.
You can use the following powershell command:
Get-WinEvent -LogName Application -FilterXPath “*[System[(EventID=1000 or EventID=1026 or EventID=1002)]]” -MaxEvents 500
to search faster and scan output data on nx* apps present.
Can you export this output and send us the file?
Thanks
Hello,
Could you take a look at the following article
How to restore proper permissions for nxservice on Windows
http://nomachine.com/AR04V01228and tell us if the steps there help in restoring permissions?
Thanks
hello
Could you please open the powershell terminal as administrator and run the command:
`net start nxservice`
Then, wait 3-5 seconds and check if the server starts and the NoMachine tray bar appears.
Thank you
Hello,
Please check the folder “C:\ProgramData\NoMachine\var\log”. Is this folder empty?
In addition, please gather the logs and send them to forum[at]nomachine[dot]com, making sure to reference the topic as the subject of the email.
To collect the debug logs please refer to the following article: https://kb.nomachine.com/DT07S00243
Thank you in advance.
Hello
please check Windows event logs if there are critical logs related to nxlsa.exe, nxexec.exe, nxservice.exe apps.
It is possible that some critical info present in Windows logs does not appear in NoMachine logs.
Examples for powershell:
Get-WinEvent -LogName Application | Where-Object { $_.Message -like “nxexec.exe” }
Get-WinEvent -LogName Application | Where-Object { $_.Message -like “nxservice.exe” }
Get-WinEvent -LogName System | Where-Object { $_.Message -like “nxlsa.exe” }
Please check https://www.nomachine.com/AR06W01291
It might help if “nx user” lost permissions due to local policy restrictions.
Thanks
Hello
by default NoMachine does not create user groups in internal cache, just for save ruled. Please provide more detailed information of your using scenario.
NoMachine can set rules on AD group, also it is able to create private group and add users to it. For domain users and how to apply profile rules correctly, take a look at: https://kb.nomachine.com/AR04U01198
Hello
please login as use m*****o, open command line window and run command
whoami /privIt will print user privileges and send to us (via email to forum[at]nomachine[dot]com) so that we can compare for testing.
We suspect that some privileges might be disabled which prevent you from correctly using the NoMachine service.
thanks
Hello
The Log Error message indicated that nx user account is invalid. Please ensure that nx user is not registered as ad domain user and has only local profile.Please open powershell windows as admin and run the following command:
Get-LocalUser -Name “nx”
It might show as local user status.
Thanks
Hello
Please provide results of the following:
1.
ls -la /Applications/NoMachine.app/Contents/Frameworks/bin/nxexecto be sure that nxexec had suid flag.
2.
/Applications/NoMachine.app/Contents/Frameworks/bin/nxexec --authit will ask for user password input and allows to check if nxexec interacts correctly with PAM service.
Use local user credentials and network user too if you have.
Hello
We investigated provided log data and it seems that it is not a permission issue. For now we suspect that issue might be related to incorrect interpretation of user token, but standard logs cannot provide such information as for security reason disabled logging one. Please let us know if you are willing to install nomachine debug package on the server and collect verbose logs.
Thanks
Hello
please provide the results from running the following commands in power shell opened as Administrator.
1. net user nx
in result should be listed if the user is still in admin group.
2.
wmic useraccount get name,sid | Select-String nxto have nx user sid so that we can compare with the logs.
3.
secedit /export /areas USER_RIGHTS /cfg privileges.txtto have all permissions of user nx. and send to us privileges.txt file please.
If the default folder of power shell does not allow to save the file, then change path to file to another folder like:
secedit /export /areas USER_RIGHTS /cfg C:\Temp\ privileges.txt4.
Get-WinEvent -FilterHashtable @{LogName = 'Application'} | Where-Object {$_.Message -like '*nx*'}will parse Windows application events and NX items.
I also have an additional question, how much time passed before the last Windows restart and the NoMachine service issues?
Thanks