You are viewing limited content. For full access, please sign in.

Question

Question

Client log on off domain

Web Client Laserfiche Snapshot Version 9 Administration
Updated March 20, 2018
asked on August 26, 2015

We have a scenario that we are configuring a Disaster Recovery site. The problem that we have is that the PC's on that site are not joined to the main domain. The result is that the users cannot select the "Use Windows Authentication" box when logging in. 

What we did find however, is that on the Web client as well as on the Snapshot Login screen the users can type in the user name as DOMAIN\Username with their normal Windows password and they are allowed to login to the repository successfully. When we try this with the LF Desktop Client, we get the error that the Username and or password is incorrect. 

The PC's at the DR site are logged in with the local Administrator account,  and not the user's own Windows account. 

On the normal work network with the user logged in as their own Windows AD account, they can use the same mechanism mentioned and successfully log in on all 2 applications (Desktop Client, Snapshot and Web Client).

I can understand that the Web Client would work differently as it most probably authenticates the user via the Web server that is still on the Domain, but why would Snapshot be able to log in like this by not the Desktop client?

Is there any way around this?

 

0 0

Replies

replied on August 26, 2015 Show version history

Client and Snapshot both use the same impersonation method when logging in using manually specified credentials, there is no reason one should work while the other doesn't.

 

In this case snapshot shouldn't be able to log in. Under the hood it is logging into the domain temporarily, which will fail on a machine outside the domain.

0 0
replied on August 27, 2015

Hi Robert,

Thanks for the reply. The strange thing is that Snapshot however works and all so to successfully store documents.  Is there anything else we can check to try and get to the bottom of this?

I managed to run a Trace on the client login, but not sure how to do the same with Snapshot to compare the results. 

0 0
replied on August 27, 2015

A trace would help. Snapshot should also generate a trace when tracing is enabled in the client, just restart Snapshot after turning on tracing.

0 0
replied on September 5, 2015

When we try this with the LF Desktop Client, we get the error that the Username and or password is incorrect. 

 

Can you try to use in Desktop Client  username@domain instead of domain\username

Using username@domain must work even if your PC joined to domain , assuming "Use Windows Authintication" is unchecked.

 

I am just curious , why you are not replicating your AD to your DR site.

 

 

0 0
replied on November 22, 2016

Hi Robert, 

Apologies for the delay and response on this thread. We are back at trying to get this to work. 

So a couple of things:

  1. Using username@domain still does not work. When trying it this way it complains that no LDAP server was found. 
  2. We have upgraded to version 10 since the initial question was started. Previously on version 9 we could get Snapshot to work, but not the LF Desktop Client. Now on 10, neither of them work. Both Snapshot and the Client gives the error below:

Client

Snapshot

3. As for not replicating AD, the Active Directory is replicated but because this is a Global Continuity site, none of the Workstations are joined to the Domain. So users are not logging in with their AD accounts on the PC, they login as a Local Administrator account, that is the same for all, and then when accessing the different applications, they enter their AD credentials and which allows them to gain access to the different applications.

4. I did pull the trace logs, but not sure where to look and understand were the problem exists. 

5. The Web client obviously works fine, so normal access and operation will be possible. The problem comes when a user would need to snapshot a document, then they are unable to gain access to the repository. 

We have not tested it, but I assume the Office plugin would have the same problem. 

Any suggestions of what we can try next?

0 0
replied on November 22, 2016

It sounds like your machines can't access the domain. To verify that you can access the remote domain, try launching client/snapshot through runas and logging in using the windows authentication checkbox:

runas /user:username@domain.com "c:\Program Files (x86)\Laserfiche\Client\LF.exe"
runas /user:username@domain.com "C:\Program Files (x86)\Laserfiche\Client\Snapshot\snapshot.exe"

 

0 0
replied on November 23, 2016

Thank you Robert.

I believe our test PC has been taken back to the Global Continuity Site, as soon as I can access it I'll test the suggestion and feedback afterward.

0 0
replied on March 20, 2018

Hi Robert,

We are back on this topic and I have tried the run as option you suggested. Unfortunately it is still unsuccessful. Still gives an error that the username or password is incorrect. 

 

any further suggestions?

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...