[THIN] Re: SSL VPN and AD Tools

  • From: "Chad Schneider (IT)" <Chad.M.Schneider@xxxxxxxxxxxxx>
  • To: <thin@xxxxxxxxxxxxx>
  • Date: Wed, 07 Nov 2007 15:00:46 -0600

Even affecting web apps.

We have some that use our logged on credentials, those run forever, do
nothing, then prompt for credentials (which they don't locally), and
MIGHT eventually log on.

I have tried launching AD tools using run as, still nothing.

>>> steveg@xxxxxxxxxxxxxx 11/7/2007 3:12 PM >>>

I am thinking that you have IP connectivity but that your local
applications
still run on the security context of your local account.....

 
Steve Greenberg
Thin Client Computing
34522 N. Scottsdale Rd D8453
Scottsdale, AZ 85262
(602) 432-8649
www.thinclient.net 
steveg@xxxxxxxxxxxxxx 
 

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf
Of Chad Schneider (IT)
Sent: Wednesday, November 07, 2007 1:49 PM
To: thin@xxxxxxxxxxxxx 
Subject: [THIN] Re: SSL VPN and AD Tools

Client, Internet, Firewall, CAG, internal

Issue seems to be only with items requiring AD credentials.

Correct me if I am wrong, I am now using LDAP Authentication and
Authorization against AD, once I make a SSL VPN connection, my
credentials should pass thorough and I am a full member of the AD
domain, with the credentials I used at connection, correct?

>>> Anthony_Baldwin@xxxxxxxxx 11/7/2007 2:27 PM >>>
Chad,

Might be a stupid question, but...

        Once your VPNed in is there anything between you (like say a 
internal firewall/IPS/etc) and your AD environment?

Something like...

        Client <--> Internet <--> Firewall <--> CAG/WI/AAC <-->
Firewall 
<--> Internal network

        Or...

                Client <--> Internet <--> Firewall <--> Internal
network
                                        |
                                CAG/WI/AAC


Tony




"Chad Schneider (IT)" <Chad.M.Schneider@xxxxxxxxxxxxx> 
Sent by: thin-bounce@xxxxxxxxxxxxx 
11/07/2007 12:29 PM
Please respond to
thin@xxxxxxxxxxxxx 


To
<thin@xxxxxxxxxxxxx>
cc

Subject
[THIN] Re: SSL VPN and AD Tools






master page....

>>> steveg@xxxxxxxxxxxxxx 11/7/2007 10:54 AM >>>

PS- is that subnet in the accessible networks list on the master page?

 
Steve Greenberg
Thin Client Computing
34522 N. Scottsdale Rd D8453
Scottsdale, AZ 85262
(602) 432-8649
www.thinclient.net 
steveg@xxxxxxxxxxxxxx 
 

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf
Of Chad Schneider (IT)
Sent: Wednesday, November 07, 2007 9:26 AM
To: thin@xxxxxxxxxxxxx 
Subject: [THIN] Re: SSL VPN and AD Tools

set it to 0.0.0.0/0

All protocols checked, ports set to 0.

>>> steveg@xxxxxxxxxxxxxx 11/7/2007 10:25 AM >>>

Do your assigned network resources include all the necessary subnets
(or
server) addresses and ports?

 
Steve Greenberg
Thin Client Computing
34522 N. Scottsdale Rd D8453
Scottsdale, AZ 85262
(602) 432-8649
www.thinclient.net 
steveg@xxxxxxxxxxxxxx 
 

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf
Of Chad Schneider (IT)
Sent: Wednesday, November 07, 2007 7:19 AM
To: thin@xxxxxxxxxxxxx 
Subject: [THIN] SSL VPN and AD Tools

Trying to run my AD Users and computers and such, when connected using
the Citrix AG SSL VPN.

All AD applications fail, unable to contact domain controller.

Any thoughts on why?

SSL VPN is working for things like Groupwise, and some other
applications, but some applications fail.  Virtual Center is another.

Chad Schneider
Systems Engineer
ThedaCare IT
920-735-7615
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin 
************************************************

************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin 
************************************************

************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin 
************************************************

************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin 
************************************************

************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin 
************************************************




CONFIDENTIALITY NOTICE:  This message, including any attachments, is
for 
the sole use of the intended recipient(s) and may contain confidential
and 
privileged information.  Any unauthorized review, use, disclosure or
distribution 
is prohibited.  If you are not the intended recipient, please contact
the 
sender by reply e-mail and destroy all copies of the original message.
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin 
************************************************

************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin 
************************************************

************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
************************************************

Other related posts:

  1. Home
  2. thin
  3. Archive
  4. 11-2007