Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Allow disabling NLA (Network Level Authentication) for RDP
See original GitHub issueWe are currently looking at using IAP-Desktop in combination with GCPW (Google Credential Provider for Windows). After the initial login with 2FA, connecting via IAP-Desktop works fine. However for initial logins (and when 2FA is required again) we need to RDP to the server’s login screen instead of providing the credentials through the initial connection.
To do that initial login, you need a RDP session with NLA disable, for the normal RDP client this can be done by setting enablecredsspsupport:i:0 in the RDP file (See https://gist.github.com/pingec/7b391a04412a7034bfb6).
If we can get IAP-Desktop to support this option somehow it would be really useful as then we can use IAP-Desktop in combination with GCPW for initial login and any time the 2FA reauth is needed.
It would be amazing if the IAP and GCPW teams worked together to make SSO via IAP-Desktop a possability, but that’s probably a pipe dream for now.
Issue Analytics
- State:
- Created 2 years ago
- Comments:6
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Adding a connection setting to disable NLA shouldn’t be an issue. I’ll take a look whether that’s sufficient to enable GCPW usage.
That’s great to hear, thanks!