RDP variable for Connections based on AD
Question
Hi,
Based on this tutorial (http://www.forefrontsecurity.org/ArticleViewer/tabid/131/ArticleId/22/How-to-open-different-Terminal-Servers-based-on-user-s-parameters-in-Active-Directory.aspx), I set up my UAG configuration.
Unfortunately, this does not work for me. Does anyone have experience with the tutorial and running this setup on a UAG?
Has Microsoft changed the variable 254.254.254.254 from IAG to UAG?
Everything else runs perfectly on my UAG installation...
Thanks for any hint
Regards
Patrick
Answers
Hi Patrick,
Are you sure that you have correctly named your postpostvalidate.inc file (like <portal name> + <0 or 1 (0 for HTTP trunk and 1 for HTTPS)> + <"PostPostValidate.inc">)?
Can you see heavy trace in the log file? If not, that means that your .inc file is not applied.
Olivier Detilleux - Service Line Manager | Core Infrastructure Department - vNext http://www.vnext.fr - http://myitforum.com/cs2/blogs/forefrontsecurity/
Marked as answer by Erez Benari Thursday, May 5, 2011 4:46 PM
All replies
It's working for me. What script are you using?
This will only work for the old XP/Vista RDP tunnel template and nothing else. If you are thinking of using it for Remote Desktop (User defined) and (Pre defined) because they are very different.
Faisal :>
Hi Faisal,
I use the script from my posted link:
<%
set p1 = Server.CreateObject("UserMgrComLayer.Param")
' P1 holds the attribute name to retrieve from the active directory.
p1.Name = "facsimileTelephoneNumber"
' Search for the value set in P1 above in the AD
set user_information = GetUserInformation(repository,user_name,domain,Array(p1))
set p1 = Nothing
if TypeName(user_information) = "Nothing" then
LIGHT_TRACE "ERROR: Failed to get the user [" & user_name & "] domain [" & domain & "] repository [" & repository & "] information [mailserver,mailfile]"
ClearSessionVariables
response.redirect GetSiteErrorPage() & "?error_code=108"
end if
dim param_vec
param_vec = user_information.ParamVec
set user_information = Nothing
RDPComputer = param_vec(0).Value
' sets the redirect value for the RDP application
setSessionParam g_cookie,"RelayPort3389",RDPComputer
%>
My AD attribute "facsimileTelephoneNumber" is set with the IP for my desktop computer.
As I understand it, the postpostvalidate.inc must now use my IP for my RDP session, right?
Regards
Patrick
Looks like you haven't set the variables correctly in the script.
Try this instead in your postpostvalidate.inc
...
==============
<%
repository = Session("repository1")
user_name = Session("user_name1")
set ADval = Server.CreateObject("UserMgrComLayer.Param")
' ADval holds the attribute name to retrieve from the active directory.
ADval.Name = "facsimileTelephoneNumber"
' Search for the value set in ADval above in the AD
set user_information = GetUserInformation(repository,user_name,domain,Array(ADval))
set ADval = Nothing
if TypeName(user_information) = "Nothing" then
LIGHT_TRACE "ERROR: Failed to get the user [" & user_name & "] domain [" & domain & "] repository [" & repository & "] information [mailserver,mailfile]"
ClearSessionVariables
response.redirect GetSiteErrorPage() & "?error_code=108"
end if
dim param_vec
param_vec = user_information.ParamVec
set user_information = Nothing
RDPComputer = param_vec(0).Value
' sets the redirect value for the RDP application
setSessionParam g_cookie,"RelayPort3389",RDPComputer
%>
=================
Yes, your understanding is correct: this AD attribute will have your IP address of the desktop.
Faisal :>
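A hardening step for the script above, as an added example that is not part of the original thread or of UAG's own code: the value read from the AD attribute is checked to be a strict dotted-quad IPv4 address inside an expected subnet before it is written to RelayPort3389. `IsAllowedRdpTarget` and `ALLOWED_PREFIX` (with its constructed value `10.20.30.`) are hypothetical names; the block is meant to replace the final `setSessionParam` line and relies on the variables and helper functions that script already uses.

```vbscript
<%
' Added example: validate the AD-supplied value before it becomes the RDP relay target.
' ALLOWED_PREFIX is a constructed placeholder; set it to the subnet your desktops live in.
Const ALLOWED_PREFIX = "10.20.30."

' Returns True only for a dotted-quad IPv4 address (no leading zeros, each octet 0..255)
' that starts with allowedPrefix. Host names, ports, blanks and empty values are rejected.
Function IsAllowedRdpTarget(ByVal candidate, ByVal allowedPrefix)
    Dim octets, i, re
    IsAllowedRdpTarget = False

    ' A missing attribute comes back as Null or Empty; never relay to it.
    If IsNull(candidate) Or IsEmpty(candidate) Then Exit Function
    candidate = CStr(candidate)

    ' Shape check: exactly four decimal groups separated by dots, nothing else.
    Set re = New RegExp
    re.Pattern = "^(0|[1-9]\d{0,2})(\.(0|[1-9]\d{0,2})){3}$"
    If Not re.Test(candidate) Then Exit Function

    ' Range check: the pattern still allows values such as 999.
    octets = Split(candidate, ".")
    For i = 0 To 3
        If CInt(octets(i)) > 255 Then Exit Function
    Next

    ' Scope check: only addresses in the expected desktop subnet are accepted.
    If Left(candidate, Len(allowedPrefix)) <> allowedPrefix Then Exit Function

    IsAllowedRdpTarget = True
End Function

If IsAllowedRdpTarget(RDPComputer, ALLOWED_PREFIX) Then
    ' sets the redirect value for the RDP application
    setSessionParam g_cookie, "RelayPort3389", RDPComputer
Else
    ' Same failure path the script uses when the AD lookup itself fails.
    LIGHT_TRACE "ERROR: rejected RDP target [" & RDPComputer & "] for user [" & user_name & "]"
    ClearSessionVariables
    response.redirect GetSiteErrorPage() & "?error_code=108"
End If
%>
```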
254.254.254.254.254 looks like a correct variable; it is working for me on UAG SP1 from Win 7 64-bit and Win XP as well. So it's redirecting me to the desktop for the IP it pulls from the AD attribute of the logged-on user, as per the postpostvalidate.inc customization.
Faisal :>
Any ideas what's the problem?
Is this the correct path for my postpostvalidate.inc:
C:\Program Files\Microsoft Forefront Unified Access Gateway\von\InternalSite\inc\CustomUpdate ?
Maybe I'm doing something wrong. Here are my steps:
1. Create an application (TS Client Tunneling)
2. Set up with 254.254.254.254 as Terminal Server and Initial Server
3. Standard policies, authorize all users
4. Create postpostvalidate.inc with your script, put it in \von\internalsite\inc\customupdate\
5. Save configuration and activate
6. Browse to my portal page, log in with my domain credentials
7. Start RDP application