| View previous topic :: View next topic |
| Author |
Message |
mok
Joined: 10 Jun 2009
Posts: 6
Location: Malaysia
|
 Posted: Wed Jun 10, 2009 4:45 am
Post subject: Domain Login |
|
|
| Hello anyone, I just tried firstspot on our domain intranet, it's working fine for non-domain user, but when a domain user try to login to their domain account, the login prompt that can't find domain server.. and if we bypass the firstspot to login into our domain, we still can't use those resource which require domain authentication.. so is there a way to resolve this problem? Thanks.. |
|
| Back to top |
|
 |
alan
Forum facilitator
Joined: 26 Sep 2003
Posts: 4435
|
Posted: Wed Jun 10, 2009 5:06 am
Post subject: |
|
|
Can you explain what exactly you mean by domain authentication? Please give a brief explanation on your network setup.
Also, make sure you are not using Client Isolation.
_________________
~ Patronsoft Limited ~ |
|
| Back to top |
|
|
mok
Joined: 10 Jun 2009
Posts: 6
Location: Malaysia
|
Posted: Wed Jun 10, 2009 9:22 am
Post subject: Re: Domain Login |
|
|
We've a Windows Server 2003 setup as a Domain Controller for our intranet user, so our intranet user can login to a PC as a local user or domain user, a local user cannot access to our intranet resources control by our domain controller but domain user can..
due to some legacy applications need the domain authentication to run, we cannot setup our network as "WORKGROUP" like most people do.
our problem is user unable to login PC/Labtop using their domain account.. except local login only..
I'm sure the "Client Isolation" option is OFF in our firstspot setup.
Thanks in advance for your help. |
|
| Back to top |
|
|
alan
Forum facilitator
Joined: 26 Sep 2003
Posts: 4435
|
Posted: Wed Jun 10, 2009 9:30 am
Post subject: |
|
|
So your domain controller is "behind" FirstSpot, like:
Client -> FirstSpot -> Domain Controller
Note that FirstSpot will block all TCP or UDP packets until the client login to FirstSpot via the web-based login page.
In that case, you can try to put the IP address of your Domain Controller to Exception Free Websites -> IP Address, and then restart FirstSpot.
_________________
~ Patronsoft Limited ~ |
|
| Back to top |
|
|
mok
Joined: 10 Jun 2009
Posts: 6
Location: Malaysia
|
Posted: Fri Jun 12, 2009 6:14 am
Post subject: Re: Domain Login |
|
|
Thanks.. it works, but this post a security threats to our domain server.. since the firstspot let every packets through the exception free website or ip.. any suggestions?
BTW, can I enable WEP/WPA encryption on the access-point? what is the good on disable/enable AP's encryption with firstspot?
Thanks.. |
|
| Back to top |
|
|
alan
Forum facilitator
Joined: 26 Sep 2003
Posts: 4435
|
Posted: Fri Jun 12, 2009 9:05 am
Post subject: |
|
|
1) Well, FirstSpot has to let the traffic through in order for the client login to work. You can lock down all the ports in your domain server except for the login protocol's port
2) Yes, you can enable WEP/WPA-PSK. It will secure the data link layer (layer 2) and it won't interfere with FirstSpot (FirstSpot works in the TCP/IP layer 3/4).
_________________
~ Patronsoft Limited ~ |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Powered by phpBB © 2001, 2005 phpBB Group
| |
Search
Profile
Log in
Register
