WinGate Forums

[vgaudin]

After having tested wingate 6 for a use with about 500 users, we have somes remarqs to improve the fonctionnality of wingate.

- synchronisation of user database in active directory.
it's seems for me that a synchronisation option is missing because of a simple case.
when the user change his password.
you have not the way to automaticaly update his database information.
like time cycling (every hours or so ...)
what do you think about that ?

- the bug of authentication failed for somes part of the html pages. it seems you have reproduce in labs ? what about solution ?

- the options by default for users.
the idea is to have default configuration for user that are adding in the active directory .
actually when a user is added in the active directory and when the synchronisation is done the user is added with no default options.

to have a correct configuration you have to go inside the specific user to configure correctly the optiosn (like logs .....)
what about a default user profile ?

- a mailing list that keeps me informed of the wingate version and developpement ..etc ...


thansk for all
Gaudin vincent
France (that's why my bad english !)

[Pascal]

- synchronisation of user database in active directory.

You can use the just-in-time synchronisation. WinGate won't ever synch passwords, it actually authenticates the user with the active directory. If you use just-in-time synchronisation, the user is synched when he/she logs in. This is generally the recommended option for large user databases.

- the bug of authentication failed for somes part of the html pages. it seems you have reproduce in labs ? what about solution ?

This is currently a known issue with NTLM authentication on HTTP. We have reproduced this and fixed it, it will be in our next release.

- the options by default for users.

Thanks for that one. It is something we have on our list of things we want to do - simply because it would make configuration a lot simpler. (Like a template, for when a new user becomes known)

- a mailing list that keeps me informed of the wingate version and developpement ..etc ...

That sounds like a good idea. I think we might have something like that already, but will need to check it when I'm back in the office tomorrow. Your best bet currently is to watch the forums. We will post announcements as things change or when new versions are released. Also, using the Auto Update feature of WinGate will inform you when a new version of WinGate is released.

[vgaudin]

-great for the bug
-great for user templace
- great for mailing list

but !!!!

I have activated all the synch options.

I have modified my password in the active directory.

close my xp session reconnect.

but my browser ask me for a login.

when I give the new password it's okay.

so if the user is synched why to ask me for a password ?

I have also stopped and restart wingate . and it doesn't help.

is it a bug ?
do I not understand the "first time" ?
is there a way to log the synch process to view what is done by wingate

[Pascal]

How is your browser set to authenticate? I'm not sure of the exact options in IE, but believe that you can set it to always ask, ask the first time, use your current login, etc.

That would definately affect the behaviour. You can verify that WinGate will auth against the AD by running GateKeeper remotely. That also auths using NTLM then, against the AD.

As for logging, I don't think there is a way - you can log auth failures for most services - but I don't think that's quite what you're after.

[adrien]

Hi

When using the NT user database with WinGate, WinGate itself never sees the passwords. It uses an OS function call to authenticate users with the underlying user database based on data passed in by the user (either plaintext user/pass for say POP3 or telnet, or by a secure method when the client application uses NTLM authentication).

So if a user changes passwords, there is nothing to synchronise in WinGate, since WinGate never sees the password, and doesn't do the authentication itself anyway.

So as for why a browser would re-request a username and password, that may be because the browser cached the previous values, and found that they didn't work when the password was changed.

Adrien