Jump to content

trexman

Members
  • Content Count

    16
  • Joined

  • Last visited

  1. Yes, thanks. That was the problem. Anonymous Authentication was enabled for the server but not for the passwordstate site. Mea culpa Now I get a form login instead of the login windows. Have a nice day.
  2. Here are the screenshot of what I configured to the example above. Of course this won't work because of the name. And yes, I check the field under Active Directory Domains with the commands "set userdomain" and "set userdnsdomain" like it is mentioned in Passwordsate But that should not be the problem, as we have successfully imported all user of the domain customer.local
  3. Hello, Yes sorry for my imprecise answer. You type in user name (domain\username) and the password. After that the password login prompts again, like you put in the wrong credentials. I don't fully understand what you mean with "against the base domain"? Do you have an example how the setup should look like for such a case? (meaning how to authenticate Passwordstate against a second domain?) I can only test DNS/LDAP against a server (DC) or am I wrong? Or do we maybe have a misunderstand in how our environment is setup. Let me explain this short
  4. One additional thing. I just did a tcpdump on the firewall. Should there be any "activity" between the Passwordstate web server and the second domain controller during a login attempt? I could not track anything. If I do the Password check in the Privileged Account Credentials windows, than I see packages between the 2 servers.
  5. Thanks for your reply. Just a question to so that I don't misunderstand you. What do you mean with "functioning DNS to this secondary domain"? Yes, I can ping and resolve the Domain Controller FQDN from the Active Directory Domain settings. The DNS Server for the Passwordstate server has a forward Conditional Forward to the DNS Server of the second domain. There is no firewall blocking between the Passwordstate web server and the Domain Controller FQDN of the second domain. I verified this with telnet and a small tool called LdapAdmin from the Passwordst
  6. Hello, we are running Passwordstate without any problems. Now I got the task to add user accounts from an external AD (outside of the Passwordstate server domain) I did as Administrator the setup of the Domain under Administration -> Active Directory Domain (with the check mark at Used For Authentication) I created Privileged Account Credentials under Administration. The check of the Privileged Account returned "Username and Password matches". After that I did the "Add From AD" under Administration -> User Accounts. Here I could search for the user
  7. The Firefox Problem is solved in Version 53! https://www.fxsitecompat.com/en-CA/docs/2017/ntlm-authentication-fails-in-certain-cases/ For me it is working again without Anonymous Authentication Thanks for your help Best Regards, Trexman
  8. Hi, do you have an update on this bugfix? (maybe an est. time until it is fixed ) Trexman
  9. Hello Support, I had still the same problem, but.... I found it after a long powershell problem search. It was the service RemoteRegistry which was not running on the remote server (192.168.2.101 in your example). I found out, that this service is normally disabled or on manual startup at Windows 7, 8.1 and 10 The question is: Is this service needed for the validation script? Is it not a security issue if you enable the RemoteRegistry service?
  10. Hi, we are using the version V7.7 (Build 7748). I just see that there is a update to Build 7773. I'll do this update later this day. Thanks. Best regards, Christian
  11. Hello Support, It works... partially. I can now reset a password of a normal user and also for the administrator user. The update of the Privileged Account also works as you described. Thanks so much for this. But the validation or heartbeats checks (manually or scheduled) failed with the message I mentioned at the beginning. Do you have any idea what this means or how I can debug this? Are the big "logical" differences between the validation and rese
  12. Hello, thanks for the detailed description. I tried this your steps above on our system and started all over again. My first problem is that I can't choose a Privileged account in the password dialog. The message is: Not Required Here are my screens for this:
  13. Hello Support, Yes I know. Therefore we are looking for a password management tool Hmm, I'm thinking more and more that we need another solution for our situation/environment. Is it generally possible to reset the "local" administrator password of a standalone server if we use this administrator also as Privileged Account? Yes I did the PS session test from the Passwordstate server where the IIS is running. So I think the connection is correct but either the IIS or the validatio
  14. Hello Support, thanks for your help. I read this a few times in this forum that it is "necessary" for the password reset part, that you have everything in an AD. But I don't see the need for a password reset tool if I use AD... In my case we have round about 30-40 standalone customer server where I want to reset the password by click My explanation about the VPN was only to tell you, that the servers are "around the world" and we have full access to them on all ports. I tried your test with a remote PS
  15. Hello, We want to use Passwordstate to reset all administrator accounts of our customer servers once a year. I played with the Password Reset and Password Validation Scripts to checkout the manual way but neither are working. I also read the "Password Reset Prerequisites" but I'm still stuck. To my environment: The Passwordstate "Server" is a Windows 10 PC in our company AD. The Servers I want to reset the password are external customer pc and server which have a VPN connection to our Passwordstate S
×
×
  • Create New...