HP thin client T610 freeRDP old authentication - client

We are using HP Thin Clients type F5A52AA#UUZ (Linux HPThinPro) to connect to a Windows 2016 Terminal Server.
Connection works - but in our environment we use the old RDP authentication (we now the possible DoS problem based on such a configuration) and based on that we don't need the supported pro login of freeRDP.
Is there a simple configuration to hide/turn off the pre login provided by freeRDP?
Sugestions welcome.

Found a solution using custom connection with command line:
xfreerdp -authentication:off /:IPAddress ...

Related

Can WSL inherit windows auth credentials

I'm using WSL in an exclusively windows environment because of a number of tools that are only really available for Linux. I often connect to DBs programmatically and would like to be able to do that without specifying my login information. For example in Python through Windows I could do this:
import pymssql
con = pymssql.connect(server, port)
And that connection would go through without my having to specify any credentials because my AD account has access to the server, and pymssql will use windows auth when no credentials are specified.
In python running on WSL however that doesn't work, and so to make the same connection I would have to additionally pass the user and password parameters.
Is there any way to make WSL inherit windows authentication when running Linux processes?
I got you Fam!
Here is the solution : http://michaeljw.com/blog/post/keyring-r-python-windows/
Here is the Sauce:
Use the Windows Credential Manager to store the creds you want to use
https://support.microsoft.com/en-us/windows/accessing-credential-manager-1b5c916a-6a16-889f-8581-fc16e8165ac0
Here is the command for accessing the credential manager in Python:
keyring.get_password(u"[Domain or URI]", u"[username]")
As long as the user is in the cred manager, you should be able to use that command to variablize creds. You will probably have to play with it a bit to get it right, but it will work. Be sure to read the linked articles.
Enjoy

Subversion installation troubles on Windows 8

After successfully running subversion for years on a Windows 2008 server, I recently moved to Windows 8.1, mainly because the machine does also serve videos to my home network (works fine) and because Windows 8 provides better energy saving on my platform than Windows 2008 server did. So far, so good.
Then I tried to re-install Subversion. I intend to use the built-in server application svnserve.exe. I downloaded the latest windows package, installed it (success), and configured a service (svnserve --service ...) which I can successfully start using the Windows Service Management Console. Port 80 is already taken by a different application, so I let subversion pick 3690, which is fine for me. I used netstat to confirm that svnserve.exe is bound to port TCP:3690, which is listed OK. Just to clear one potential roadblock I also disabled the Windows firewall.
Then I created a sample repository named "test" using svnadmin locally, success as well, a subversion file structure appeared on the harddisk.
Problems arise when I try to access the repository using my local browser (Firefox), an attempt to connect to URLs
http://127.0.0.1:3690[/svn|/svn/test]
all three give me the same cryptical response:
( success ( 2 2 ( ) ( edit-pipeline svndiff1 absent-entries commit-revprops depth log-revprops atomic-revprops partial-replay inherited-props ephemeral-txnprops file-revs-reverse ) ) )
Somehow I have expected a subversion GUI instead.
Connecting from a remote machine via browser reveals the same useless line of text.
Connecting from a remote machine using my usual Tortoise client gives the message:
Unable to connect to a repository at URL 'http://xxx.xxx.xxx.xxx:3690/svn/test
Error running context: The server unexpectedly closed the connection
I tried to add the --log-file option to svnserve, and indeed a log file appears once I start the service, but it is empty and it remains empty.
Trying to use svnserve -X instead of running it as a service reveals the exact same behavior.
Seems I am stuck. Anyone who has an idea what I can do to get that thing working?
Just to help out another beginner running into the same problem ... I finally found the problem: I simply used the wrong client, svnserve does not support web browsers. Using the Tortoise client, and providing the correct prefix (svn:127.0.0.1/...) was all I had to do.
The long version:
If one wants to work with the simple, reliable, fast, but plain-text and proprietary protocol based) svnserve service, he needs to use a proprietary client, like Tortoise, and the svn: prefix instead of http/https:, and no port, like
svn://mysvnserver/testrepo
If needed, one may even reconfigure svnservice to use authentication and encryption later. svnserve isn't supporting web browsers, if one tries to access svnserve using a web browser like I did he gehts the internals of the svn protocol dumped to the screen.
If one wants to use his web browser, http/https protocol, and niceties, like a user friendly browser based interface and some remote administration capabilities, he must not use svnserve, but install a web server service (like apache) and configure if for use with subversion.
So in the end my problem had nothing to do with Windows 8. It just has slipped from my mind that years ago I went the apache path, while now I decided that the built-in svnserve service was good enough for my needs.
Armin.

MIT Kerberos for Windows w/ PuTTY & AD (MSLSA)

I run a Linux environment that's setup in an MIT Kerberos Realm. That realm has a one way trust setup that allows tickets for AD principals (from Windows 7 clients) to be accepted as authentication (for SSH and ODBC for Hadoop/Hive).
The problem I'm having is that Windows 7 clients using Kerberos for Windows 4.01 do not seem to be able to use their AD ticket in MSLSA. If I set KRB5CCNAME to a file and obtain an AD ticket independently of MSLSA everything works fine. With KRB5CCNAME set to MSLSA: it does not work. I did find a note about setting AllowTGTSessionKey to 1, but that's already been done (and rebooted).
Is there a way to use the AD tickets stored in MSLSA using MIT KfW?
Try to set hkcu\software\mit\kerberos5 string:ccname value:MSLSA: then
delete the krb5ccname variable and log off and on.

VNC server -> websockify -> noVNC issue

Hello i have a bit of a problem using websockify.
I made executable for windows, then i start my websockify in cmd:
c:\web\websockify.exe 192.168.1.70:5901 192.168.1.70:5900
WARNING: no 'resource' module, daemonizing is slower or disabled
WebSocket server settings:
Listen on 192.168.1.70:5901
Flash security policy server
No SSL/TLS support (no cert file)
proxying from 192.168.1.70:5901 to 192.168.1.70:5900
so far all good. In the background VNC server is running on the same
computer at port 5900. The thing is i need to use websockify to be
able to use novnc on the other computer in local network.
I have latest novnc installed on latest XAMPP server (apache 2.2).
When i start vnc.html it asks for server, port, password. I typed
them in and press connect. I get an error on the websockify side:
WARNING: no 'resource' module, daemonizing is slower or disabled
Usage:
websockify.exe [options] [source_addr:]source_port target_addr:target_port
websockify.exe [options] [source_addr:]source_port -- WRAP_COMMAND_LINE
websockify.exe: error: no such option: --multiprocessing-fork
I can't connect using noVNC. I searched for internet to find solution
but did not find it.
Can someone help me get this apps together runnig?
or is there some more windows friendly solution with some other app that
does what websockify does?
br
Did you follow this guide? https://github.com/kanaka/websockify/wiki/Compiling-Websockify-as-Windows-Executable
Websockify uses the python multiprocessing module. This module is problematic on Windows, especially with older versions of python. You might try python 3.2 or greater and see if you have more success although no guarantees. Websockify is developed and tested on Linux only.
There used to be a pre-built version of Websockify for Windows that at least worked without multiprocessing (one client at a time), however, github dropped support for downloads so this build is no longer available.
Disclaimer: I made websockify.

Can't rdp to Azure on Mac OS X

I am trying to Remote Desktop onto an Azure instance from Mac OS X, but can't find a tool that allows me to do it. Address and username is fine, but none of the clients seem to have the capabilities to include the instance information.
I have so far tried the Miscrosoft RDC and CoRD but to no avail.
Has anyone succeeded in using RDP to an Azure instance on a Mac?
By default, you can't connect to an Azure Windows server except through the Windows Remote Desktop client.
To connect from OS X, whether through CoRD or the Microsoft Remote Desktop client for Mac, you need to turn off network level authentication:
Connect to the Azure server using the Remote Desktop client on a Windows machine
Under Control Panel, go to System, then open 'Advanced system settings'
On the Remote tab, uncheck "Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)"
Re-connect from OS X
you need to create connect from microsoft remote desktop on mac
add ip, user, password
and you can connect now
if you still can't connect , check your azure endpoint setting
set the port that your firewall can pass
I have the same problem with you, and I think there is nothing to do with the network level authentication. The main reason is the default remote desktop app will connecting through port 3389, but your VM's default endpoint set another public port, here is what i do to solve it:
Download the latest version of Microsoft Remote Desktop app at Mac app store.
Add the port after your connection's DOMAIN/IP like yourvmdomain.com:yourpublicport. You will find the public port on endpoint setting tab. To me, the public port of Remote Desktop is 58494, so the connection will be xx.xx.xx.xx:58494.
This works for me.
Download the new Microsoft remote desktop client, which will allow you to connect to Azure instances without changing the configuration.
(As suggested in the comment from Kim Burgess)
It's tricky to connect to an Azure Cloud Service (aka Web or Worker Role) from a Mac, since PaaS instances sit behind a load balancer. You therefore need to specify which instance to connect to via cookies.
Royal TS supports cookies, so I got this working:
Install Royal TS free version (http://www.royalapplications.com/ts/osx/features)
Add the Remote Desktop plugin
Create new connection
Enter usual details (server/username/password)
Advanced > Connection > Load Balance Info > Cookie: mstshash=Your.Server#Your.Server_IN_0
This cookie info is available in the RDP file you can download for your instance from the Azure management portal (just open it in a text editor).
I use the Microsoft Remote Desktop application on OSX to connect to an Azure VM.
Recently I set up a VM from a Windows machine and was able to connect successfully using the admin username and password, but found that I had to reset the admin password to connect from OSX.
You can easily reset the password from the Azure portal for the VM. Go to "Support + troubleshooting/Reset Password".
I often have to enter the user name in the form:
PC name: xxx.xxx.xxx.xxx:yyyyy
Gateway: No gateway configured
User name: localhost\user.name
Hope that helps someone.
To access Azure instances from a MAC download Microsoft Remote Desktop client in Appstore. The default RDP client Azure provides doesnt work on a MAC. Worked for me
Check that your Networking Inbound Port rules (typically port 3389, but will change behind a load balancer) for the Azure VM allow you in.

Resources