I have Wingate installed on windows2000 service pack 4.
I have windows 2003 SMB server as my domain controller.
I’m trying to use the windows 2003 user database for Wingate as its groups and users.
What I have done so far:
1. Set up Wingate to use the server's user database.
2. Gave the Wingate service a user name witch has efficient privileges on the windows2003 server.
(Please advise if using domain\user name will cause any issues)
3. Restarted the Wingate server.
After I restarted I did a synchronisation and Wingate gave me the error “access denied”
After stopping and restarting the Wingate engine several times this seems to have stopped happening (but I mention it in case it does happen again so I know what to do next time).
4. I set up several security groups on the windows 2003 server and added the users I want in each group.
5. I went in to the system policies in the users tab in Wingate and added all the groups (after doing a synchronisation).
What I want to do is remove access to Wingate for all but my groups (and the users in those groups) and then set up each group with time restrictions as well as ban lists.
When I tried this it would not let those groups access Wingate.
Users may be assumed by the computer they log in to.
I want the accounting feature to work for each user (as it does currently with the Guest account).
I do not want to use the Wingate Internet client if at all possible (it is in my view not stable enough, when I was using it I spent around 40% of my working hours fixing it).
Thank you,
Sean.
Back to top
adrien
Qbik Staff
--------------------------------------------------------------------------------
Posts: 2361
Joined: 03 Sep 2003
Location: Auckland
Posted: Nov 09 06 1:48 pm Post subject:
--------------------------------------------------------------------------------
Hi Sean
We have a known problem with 6.x that we are working on when synchronising with an AD server. It's related to enumeration of domain groups where they contain other groups.
As such, if you create policies in WinGate that rely on membership of a group belonging to another group, then it won't currently work.
We are working on a fix to this, using a different set of APIs - the current MS one only works properly for NT4 domains.
Apologies for the inconvenience.
Adrien
Back to top
SeanLR
--------------------------------------------------------------------------------
Posts: 12
Joined: 06 Jul 2004
Posted: Nov 09 06 8:12 pm Post subject:
--------------------------------------------------------------------------------
Thanks 4 the fast responce :)
Is there some way that i can work around this problem? (mabey by adding each user instead or using the assumed users?)
Back to top
adrien
Qbik Staff
--------------------------------------------------------------------------------
Posts: 2361
Joined: 03 Sep 2003
Location: Auckland
Posted: Nov 09 06 11:12 pm Post subject:
--------------------------------------------------------------------------------
Hi
You could try adding the actual users.
Regards
Adrien
[/img]