Winflector.com - forum Winflector

Forum > Questions, suggestions and feature requests > windows authentication and domain name field in connecting client

Autor: John Data: 2017-06-08 09:36:39	my environment: winflector server version 3.9.4.0a in a windows 10 pro machine, no active directory, but authentication mode is windows authentication with only users who are members of the local "Winflector users" group receiving authorization to connect after providing correct user name and password. i had initially assumed that when users connect via winflector client gui, the domain name field needs to be filled up correctly. indeed, if that field is incorrectly filled, the user will get a "not authorized" error message. but it turns out a user can connect without filling in the domain name field as long as the user fills in user name and password correctly. is this the expected behavior? is it possible to make filling the domain name field a required input -- that way, an outsider needs to guess 3 fields (user name, password, domain name) correctly instead of just the user name and password? now that winflector server's winflector authentication can additionally use mac address filtering for authentication, does this make the winflector authentication mode more secure than windows authentication mode with or without the use of active directory? thanks for any help!
Autor: Mirek (staff) Data: 2017-06-08 10:12:30	In older versions of Winflector 'domain' field was required, but due to many requests from our customers we changed that. Now the empty field means the default domain. We were considering adding the switch to the server, but so far there was many more important things to do :) I hope in one of the next releases we will make it configurable.
Autor: John Data: 2017-06-08 11:38:29	thanks for the info. i'd like to add my vote for making the domain field required or not configurable. for me, it's better to be safer than sorry.

Zaloguj się aby móc pisać na forum.