Login all too easy!
Aug 23 04 12:32 am
Hi all,
Just finalising a new install, single user, parent wants lockdown of internet surfing by adolescent children, Wingate perfect solution.
To keep 'the lockdown in place' no GK icon in notification area and then I was surprised to see anyone could login with no credentials supplied:
I guess as the user is an Administrator and authenticated the login is approved.
Some light on the topic would be interesting.
Nev.
Just finalising a new install, single user, parent wants lockdown of internet surfing by adolescent children, Wingate perfect solution.
To keep 'the lockdown in place' no GK icon in notification area and then I was surprised to see anyone could login with no credentials supplied:
I guess as the user is an Administrator and authenticated the login is approved.
Some light on the topic would be interesting.
Nev.
Aug 23 04 12:39 am
Nev,
Could either of these be of help?
Profiles -
User must be authenticated-
Advanced -
Username not equal Guest
After re-reading this - are you saying the user is already connected and can log into GK with no username - password?
In that case that sounds right. I think authentication is by connection.
Someone will let us know if I'm confused.
Larry
Could either of these be of help?
Profiles -
User must be authenticated-
Advanced -
Username not equal Guest
After re-reading this - are you saying the user is already connected and can log into GK with no username - password?
In that case that sounds right. I think authentication is by connection.
Someone will let us know if I'm confused.
Larry
Aug 23 04 2:25 pm
Are you currently using the NT userdatabase ? For this to happen, I believe this must be the case. Now, if you check the user that is actually logged in to GateKeeper - who does that match ?
I believe you will see that the user is the currently logged in Windows user (Or the default for the security package - which is NTLM in this case). So, the best suggestion I could have for you at the moment is to setup proper authentication in terms of rights. I.e. give people rights to use only the specific portions they are allowed.
Having a dig through the documentation, etc. to see if this behavior is desirable or undesirable.
I believe you will see that the user is the currently logged in Windows user (Or the default for the security package - which is NTLM in this case). So, the best suggestion I could have for you at the moment is to setup proper authentication in terms of rights. I.e. give people rights to use only the specific portions they are allowed.
Having a dig through the documentation, etc. to see if this behavior is desirable or undesirable.
Aug 23 04 8:47 pm
Ni Nev
Using a blank username and password is functionally equivalent to selecting the "user current username and password" option, which means you log into WinGate with the same credentials you logged into Windows with.
In this respect it is no more or less of a security concern than having this checkbox option available, and relies on the password security of the underlying operating system.
Adrien
Using a blank username and password is functionally equivalent to selecting the "user current username and password" option, which means you log into WinGate with the same credentials you logged into Windows with.
In this respect it is no more or less of a security concern than having this checkbox option available, and relies on the password security of the underlying operating system.
Adrien
Aug 23 04 11:09 pm
adrien wrote:Ni Nev
Using a blank username and password is functionally equivalent to selecting the "user current username and password" option, which means you log into WinGate with the same credentials you logged into Windows with.
In this respect it is no more or less of a security concern than having this checkbox option available, and relies on the password security of the underlying operating system.
Adrien
Hi all and thanks!
Yes the user was authenticated and all the above makes sense!
On deployment the main account will be downgraded to user status so that should do the trick!
Cheers,
Nev.