- Individual Applications
Protect
Filter
Perform
Connect
Add-Ons
- Software Packages
- Complete Appliances
11-28-2009, 11:12 AM
|
#1 (permalink) |
|
Master Untangler
Join Date: Oct 2008
Location: Litchfield MN
Posts: 103
 |
AD Connector and terminal servers?
Is there a solution to the reporting issues associated with MS Terminal servers?
Basically, I have the OK to pull the trigger and snag up the paid services at the office, however, not being able to get clear reporting makes it a turn-off. I did a quick search and did not see anything concrete. |
|
|
11-28-2009, 12:12 PM
|
#2 (permalink) |
 
Join Date: Aug 2007
URLs submitted: 171
Posts: 4,802
|
Terminal Server uses names for authentication and stops their use at that point. I believe Terminal Server also reports its own IP rather than the users IP as well.
__________________
This space reserved for profound thought.....which does happen on occasion." |
|
|
|
11-28-2009, 05:31 PM
|
#3 (permalink) | |
|
Master Untangler
Join Date: Oct 2008
Location: Litchfield MN
Posts: 103
|
Quote:
|
|
|
|
|
12-22-2009, 07:38 AM
|
#7 (permalink) |
|
Untangler
Join Date: Apr 2008
Location: Bama
Posts: 63
  |
MS vs Citrix Terminal Services
First, to set the story straight, i have no Citrix TS experience, but plenty of MS TS experience.
Microsoft TS works by simply creating a desktop logon session whenever a user logs on to the box. That user shares all other information with the server that is hosting it, being the IP address, the computer name, etc. Since Untangle's AD connector links names to an IP address, there is no way out of the box to configure this to work. You can attempt to assign users a unique IP address (My best guess would be to establish a VPN connection every time a user logs in, that would give them a unique IP address for all connections they make, but I'm not exactly sure what kind of complications that would cause for other users, or if it would actually work correctly). Citrix TS works by creating a virtual desktop every time a user connects, that virtual desktop shares similar items with the server, but not all. For example, the IP address of the VD is unique to the user, and not shared by the Citrix TS. If you have a lot of users accessing a TS as the primary means of their desktop access, then you should by all means consider Citrix TS as a possible route.
__________________
Self-trained just means you couldn't afford college. |
|
|
|
12-22-2009, 08:17 AM
|
#8 (permalink) | |
 
Join Date: Jul 2008
Posts: 2,766
|
Quote:
Some time "Real Soon Now" Untangle will have a captive portal which forces users to identify themselves the first time they browse the Internet. This will do away with the requirement of running the login script, but you'll still need a "virtual IP" like product to work with Terminal Server and Citrix.
__________________
m. Big Frickin Disclaimer: While I'm pretty sure, I can't guarantee that I know what I'm doing. There might be a better way to do this, and this way might actually suck. Make sure you understand the implications of what you're doing before trying to follow these directions. It often helps troubleshooting if you have a good network map. Look here if you want my advice on how to draw one. Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself. If you need Untangle support please call or email support@untangle.com |
|
|
|
|
12-23-2009, 02:50 AM
|
#9 (permalink) | |
|
Master Untangler
Join Date: Oct 2008
Location: Litchfield MN
Posts: 103
|
Quote:
My users have a hard time with dealing with anything like this, I mean, its stupid easy, but... I'd like to see the captive portal only apply to just internet, so by logging in, they have to read and agree to the terms of the electronic use policy. The workstations all require ad credentials to use them. My problem still exists though, that I am unable to cleanly track users when using a terminal server. I have names to all the IP's but the terminal server... |
|
|
|
 |
| Thread Tools | |
|
|
