Authorisation by Windows/Active Directory for Winflector server
Winflector server allows for authorising users with usage of Windows or Active Directory. It is possible to authorise local Windows users, or users defined in a domain, if the server computer belongs to this domain. In both cases it is possible (but not necessary) to define user groups, which will be allowed to run applications via Winflector server. Using groups is not necessary – then all users (local or domain) will be allowed to use Winflector.
Step 1. – optional
Creating a group (or groups) of users authorised to run applications via Winflector.
Please create a group (or groups) on the domain controller or on the computer with Winflector server, then add users to the group. The group can be of local or global scope.
If all users are allowed to use Winflector then this step should be skipped.
The group "Winflector users" is created by default on the computer where Winflector server is installed. The screenshots below present sample group defintions created on the domain controller: testgr (local group) and testgrglobal (global group).
Step 2.
Winflector server configuration
a) the simplest option (no groups) is setting authentication to Windows/Active Directory and introducing the domain name.
Setting authentication via Windows/Active Directory:
Entering a domain name, the sample domain otc (otc.local) below:
Now it is possible to connect to Winflector server using domain authorisation.
b) option with authorisation for group members only – it is required to enter the group name (or names separated with comma)
Now only the members of listed groups can connect to Winflector server.
c) option with authorisation for group members with assigning applications for a user
After checking the option „Assign applications..” it is necessary to press "Update users" button – then Winflector server will get a user list from the domain controller and applications can be assigned to users. By default all applications are available for each user.
In each case (a), b) and c)) when connecting to Winflector server the domain name should be supplied:
d) option with Windows authorisation and local users from the computer where Winflector server is running:
The "Domain name" field should be filled with the name of the computer where Winflector server is running. The users authorisation will proceed in the same way as for domain users, except that the local computer users will be used. The name of the computer should be supplied during the connection with wfc.exe client.