 Rank: Newbie Joined: 7/10/2014(UTC) Posts: 8  Location: Aberdeen Thanks: 1 times
|
Is there a way that I can use LDAP with Two factor authentication (email/sms authentication) whereby I don’t have to update the properties of each individuals record in AD to include [email:xxx@xxx.com] in the description?
Ideally after defining the new role, which corresponds to an existing AD group I would like to assign it through ScreenConnect so that all members of that group use 2FA with email/sms authentication, where their email address is pulled automatically.
Unfortunately due to the way in which we would be looking to utilise ScreenConnect it would not prove feasible for us to update every user’s record to include this information. As an example the existing solution that we are looking to replace has 700+ users defined for access to run the remote administration software.
Would it be possible to do this via a custom provider?
Thanks in advance
Regards Wayne
|
|
|
|
 Rank: Administration Medals:  Joined: 4/9/2010(UTC) Posts: 2,061
Thanks: 1 times Was thanked: 393 time(s) in 188 post(s)
|
Put a file with this in it into an App_Code directory under your install. Then wherever Elsinore.ScreenConnect.WindowsMembershipProvider is referenced in the web.config, add a similar reference to MyWindowsMembershipProvider. Code:
using System.Web.Security;
using Elsinore.ScreenConnect;

public class MyWindowsMembershipProvider : WindowsMembershipProvider
{
    public override MembershipUser GetUser(string userName, bool userIsOnline)
    {
        var baseUser = base.GetUser(userName, userIsOnline);
        if (baseUser == null)
            return null;
        return new DisplayNameMembershipUser(
            this.Name,
            baseUser.Name,
            baseUser.ProviderUserKey,
            baseUser.Email,
            "email:" + baseUser.Email,
            baseUser.Comment,
            baseUser.IsApproved,
            baseUser.IsLockedOut,
            baseUser.CreationDate,
            baseUser.LastLoginDate,
            baseUser.LastActivityDate,
            baseUser.LastPasswordChangedDate,
            baseUser.LastLockoutDate,
            baseUser.UserDisplayName
        );
    }
}
ScreenConnect Team |
|
|
|
 Rank: Newbie Joined: 7/10/2014(UTC) Posts: 8  Location: Aberdeen Thanks: 1 times
|
Jake, thanks for the information.
I created the App_Code directory, copied your code and saved it as 2FA.cs. Then in the web.config file there was only one reference for Elsinore.ScreenConnect.WindowsMembershipProvider <add name="WindowsMembershipProvider" type="Elsinore.ScreenConnect.WindowsMembershipProvider" /> so I added an extra one for MyWindowsMembershipProvider just below it.
However I receive the following error whilst trying to launch the web interface.
Any thoughts on what is wrong?
Thanks in advance
Server Error in '/' Application.
Compilation Error Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately. Compiler Error Message: CS1061: 'System.Web.Security.MembershipUser' does not contain a definition for 'Name' and no extension method 'Name' accepting a first argument of type 'System.Web.Security.MembershipUser' could be found (are you missing a using directive or an assembly reference?)
Source Error:
Line 13: return new DisplayNameMembershipUser(
Line 14: this.Name,
Line 15: baseUser.Name,
Line 16: baseUser.ProviderUserKey,
Line 17: baseUser.Email,
Source File: c:\Program Files (x86)\ScreenConnect\App_Code\2FA.cs Line: 15
c:\Program Files (x86)\ScreenConnect\App_Code\2FA.cs(15,22): error CS1061: 'System.Web.Security.MembershipUser' does not contain a definition for 'Name' and no extension method 'Name' accepting a first argument of type 'System.Web.Security.MembershipUser' could be found (are you missing a using directive or an assembly reference?) c:\Program Files (x86)\ScreenConnect\App_Code\2FA.cs(27,22): error CS1061: 'System.Web.Security.MembershipUser' does not contain a definition for 'UserDisplayName' and no extension method 'UserDisplayName' accepting a first argument of type 'System.Web.Security.MembershipUser' could be found (are you missing a using directive or an assembly reference?)
|
|
|
|
 Rank: Newbie Joined: 7/10/2014(UTC) Posts: 8  Location: Aberdeen Thanks: 1 times
|
Hi Jake,
I found what was causing the issues launching the web interface. Seems I referenced the new provider wrongly in my web.config however I have since corrected that and can log back into the interface.
My question is what do I have to do next to set one of my existing roles to use 2FA with one time password without manually updating the AD description record of each account?
I have already made the change within Administration/Appearance for SC to recognise two-factor authentication. (SecurityPanel.PasswordQuestionVisible set to true).
Thanks in advance
Wayne
|
|
|
|
 Rank: Administration Medals:  Joined: 4/9/2010(UTC) Posts: 2,061
Thanks: 1 times Was thanked: 393 time(s) in 188 post(s)
|
Code:
using System.Web.Security;
using Elsinore.ScreenConnect;

public class MyWindowsMembershipProvider : WindowsMembershipProvider
{
    public override MembershipUser GetUser(string userName, bool userIsOnline)
    {
        var baseUser = base.GetUser(userName, userIsOnline);
        if (baseUser == null)
            return null;
        var isInTfaRole = this.GetRolesForUser(baseUser.Name, true)
            .Where(r => r == "TFA Role")
            .Any();
        return new DisplayNameMembershipUser(
            baseUser.ProviderName,
            baseUser.UserName,
            baseUser.ProviderUserKey,
            baseUser.Email,
            isInTfaRole ? "email:" + baseUser.Email : string.Empty,
            baseUser.Comment,
            baseUser.IsApproved,
            baseUser.IsLockedOut,
            baseUser.CreationDate,
            baseUser.LastLoginDate,
            baseUser.LastActivityDate,
            baseUser.LastPasswordChangedDate,
            baseUser.LastLockoutDate,
            baseUser.UserDisplayName
        );
    }
}
|
ScreenConnect Team |
|
|
|
 Rank: Newbie Joined: 7/10/2014(UTC) Posts: 8  Location: Aberdeen Thanks: 1 times
|
Hi Jake,
Using the new code you provided and putting it in the App_Code folder, I'm receiving the error as shown below. FYI I am using SC version 4.4.7175.5302 and the reference I added to the web.config is as follows: <add name="MyWindowsMembershipProvider" type="Elsinore.ScreenConnect.WindowsMembershipProvider" />
Compilation Error Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.
Compiler Error Message: CS1061: 'System.Web.Security.MembershipUser' does not contain a definition for 'Name' and no extension method 'Name' accepting a first argument of type 'System.Web.Security.MembershipUser' could be found (are you missing a using directive or an assembly reference?)
Source Error:
Line 11: return null;
Line 12:
Line 13: var isInTfaRole = this.GetRolesForUser(baseUser.Name, true)
Line 14: .Where(r => r == "TFA Role")
Line 15: .Any();
Source File: c:\Program Files (x86)\ScreenConnect\App_Code\MyWindowsMembershipProvider.cs Line: 13
c:\Program Files (x86)\ScreenConnect\App_Code\MyWindowsMembershipProvider.cs(13,57): error CS1061: 'System.Web.Security.MembershipUser' does not contain a definition for 'Name' and no extension method 'Name' accepting a first argument of type 'System.Web.Security.MembershipUser' could be found (are you missing a using directive or an assembly reference?) c:\Program Files (x86)\ScreenConnect\App_Code\MyWindowsMembershipProvider.cs(31,22): error CS1061: 'System.Web.Security.MembershipUser' does not contain a definition for 'UserDisplayName' and no extension method 'UserDisplayName' accepting a first argument of type 'System.Web.Security.MembershipUser' could be found (are you missing a using directive or an assembly reference?)
|
|
|
|
 Rank: Administration Medals:  Joined: 4/9/2010(UTC) Posts: 2,061
Thanks: 1 times Was thanked: 393 time(s) in 188 post(s)
|
Code:
using System.Web.Security;
using Elsinore.ScreenConnect;

public class MyWindowsMembershipProvider : WindowsMembershipProvider
{
    public override MembershipUser GetUser(string userName, bool userIsOnline)
    {
        var baseUser = (DisplayNameMembershipUser)base.GetUser(userName, userIsOnline);
        if (baseUser == null)
            return null;
        var isInTfaRole = this.GetRolesForUser(baseUser.UserName, true)
            .Where(r => r == "TFA Role")
            .Any();
        return new DisplayNameMembershipUser(
            baseUser.ProviderName,
            baseUser.UserName,
            baseUser.ProviderUserKey,
            baseUser.Email,
            isInTfaRole ? "email:" + baseUser.Email : string.Empty,
            baseUser.Comment,
            baseUser.IsApproved,
            baseUser.IsLockedOut,
            baseUser.CreationDate,
            baseUser.LastLoginDate,
            baseUser.LastActivityDate,
            baseUser.LastPasswordChangedDate,
            baseUser.LastLockoutDate,
            baseUser.UserDisplayName
        );
    }
}
|
ScreenConnect Team |
|
|
|
 Rank: Newbie Joined: 7/10/2014(UTC) Posts: 8  Location: Aberdeen Thanks: 1 times
|
Hi Jake,
Still getting an error when I try and launch the interface
Server Error in '/' Application. Compilation Error Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.
Compiler Error Message: CS1061: 'System.Array' does not contain a definition for 'Where' and no extension method 'Where' accepting a first argument of type 'System.Array' could be found (are you missing a using directive or an assembly reference?)
Source Error:
Line 12:
Line 13: var isInTfaRole = this.GetRolesForUser(baseUser.UserName, true)
Line 14: .Where(r => r == "TFA Role")
Line 15: .Any();
Line 16:
Source File: c:\Program Files (x86)\ScreenConnect\App_Code\MyWindowsMembershipProvider.cs Line: 14
c:\Program Files (x86)\ScreenConnect\App_Code\MyWindowsMembershipProvider.cs(14,14): error CS1061: 'System.Array' does not contain a definition for 'Where' and no extension method 'Where' accepting a first argument of type 'System.Array' could be found (are you missing a using directive or an assembly reference?)
|
|
|
|
 Rank: Administration Medals:  Joined: 7/23/2013(UTC) Posts: 715  Location: Raleigh, NC Was thanked: 66 time(s) in 63 post(s)
|
"using System.Linq;" at the top of the file should fix that. |
ScreenConnect Team |
|
|
|
 Rank: Newbie Joined: 7/10/2014(UTC) Posts: 8  Location: Aberdeen Thanks: 1 times
|
Alexander/Jake, thank you. Adding "using System.Linq;" to the top of the app_code file corrected the issue and allowed the web interface to load.
The user Source for authentication is now set to MyWindowsMembershipProvider and I have my roles (AD groups) defined. What's the next step for assigning a One Time password to the whole role without manually updating each of their corresponding AD records?
Thanks again for all of your help so far
Regards
Wayne
|
|
|
|
 Rank: Administration Medals:  Joined: 7/23/2013(UTC) Posts: 715  Location: Raleigh, NC Was thanked: 66 time(s) in 63 post(s)
|
Just change "TFA Role" to the name of the role you want to use two-factor authentication (keeping the quotes). |
ScreenConnect Team |
|
|
|
 Rank: Newbie Joined: 7/10/2014(UTC) Posts: 8  Location: Aberdeen Thanks: 1 times
|
I've tested changing 'TFA Role' to several of my existing roles (that correspond with AD groups) however I don't see any difference when I attempt to log in with an account that is a member of that role. I am prompted for my LDAP username/password and once I enter that I'm logged in. There is no secondary pop up requesting a OneTime password and the accounts do not receive any email from the system.
Under Security the User Source is set to MyWindowsMembershipProvider and under Appearance, SecurityPanel.PasswordQuestionVisible is set to true.
What else needs to be configured to make this work?
Thanks
|
|
|
|
 Rank: Administration Medals:  Joined: 7/23/2013(UTC) Posts: 715  Location: Raleigh, NC Was thanked: 66 time(s) in 63 post(s)
|
Hmm, well, the role name is case sensitive if that helps… If you Lookup User on the security page, does anything appear in the Password Question field, and does the role appear under Roles? |
ScreenConnect Team |
|
|
|
 Rank: Newbie Joined: 7/14/2014(UTC) Posts: 2 
|
Originally Posted by: Alexander
Hmm, well, the role name is case sensitive if that helps… If you Lookup User on the security page, does anything appear in the Password Question field, and does the role appear under Roles?

Hi Alexander,
I work with Wayne. When we do a lookup of the user the password question field is blank. The role is copied exactly as it is defined. In the lookup we get the following:
Roles: Bomgar_Administrators (Matches defined role)
Any other suggestions? What should we be seeing?
Thanks
Kiri
|
|
|
|
 Rank: Administration Medals:  Joined: 7/23/2013(UTC) Posts: 715  Location: Raleigh, NC Was thanked: 66 time(s) in 63 post(s)
|
Can you post the exact code you have in the App_Code file? |
ScreenConnect Team |
|
|
|
 Rank: Newbie Joined: 7/14/2014(UTC) Posts: 2 
|
Originally Posted by: Alexander
Can you post the exact code you have in the App_Code file?

using System.Linq;
using System.Web.Security;
using Elsinore.ScreenConnect;

public class MyWindowsMembershipProvider : WindowsMembershipProvider
{
    public override MembershipUser GetUser(string userName, bool userIsOnline)
    {
        var baseUser = (DisplayNameMembershipUser)base.GetUser(userName, userIsOnline);
        if (baseUser == null)
            return null;
        var isInTfaRole = this.GetRolesForUser(baseUser.UserName, true)
            .Where(r => r == "Bomgar_Administrators")
            .Any();
        return new DisplayNameMembershipUser(
            baseUser.ProviderName,
            baseUser.UserName,
            baseUser.ProviderUserKey,
            baseUser.Email,
            isInTfaRole ? "email:" + baseUser.Email : string.Empty,
            baseUser.Comment,
            baseUser.IsApproved,
            baseUser.IsLockedOut,
            baseUser.CreationDate,
            baseUser.LastLoginDate,
            baseUser.LastActivityDate,
            baseUser.LastPasswordChangedDate,
            baseUser.LastLockoutDate,
            baseUser.UserDisplayName
        );
    }
}

This is the code we have in the app_code directory. The file is called MyWindowsMembershipProvider. In the user Source we can select MyWindowsMembershipProvider. When we select MyWindowsMembershipProvider from the drop down we see:
Key
DirectoryServerOverride
ServiceUserNameOverride
ServicePasswordOverride
We have not populated this info. But the authentication works. What should we be seeing?
Thanks
Kiri
|
|
|
|
 Rank: Administration Medals:  Joined: 7/23/2013(UTC) Posts: 715  Location: Raleigh, NC Was thanked: 66 time(s) in 63 post(s)
|
Hmmm, that does look like it should work.
Oh, looking back, I just realized the problem: in the web.config, <add name="MyWindowsMembershipProvider" type="Elsinore.ScreenConnect.WindowsMembershipProvider" /> should be <add name="MyWindowsMembershipProvider" type="MyWindowsMembershipProvider" />
(Also, just a note: SecurityPanel.PasswordQuestionVisible doesn't make any difference here; it's only used with the Internal user source.) |
ScreenConnect Team |
 1 user thanked Alexander for this useful post.
|
|
|
 Rank: Newbie Joined: 7/10/2014(UTC) Posts: 8  Location: Aberdeen Thanks: 1 times
|
Hi Alexander,
Thank you, the way we had defined it in the web.config was in fact the issue and it's now working.
Throughout our initial attempts to get it working, we had defined it in the format you suggested (we tried quite a few ways to try and get it working), however we were still experiencing other issues related to "System.Linq;" not being defined (as per your other suggestion) and it seems we never tried updating the web.config again afterwards.
However as mentioned it's now working for us and we made a slight change so that 2FA would be applied to all of our roles as long as they follow the same naming convention, which makes it a little easier for larger deployment and not having to amend the membership file every time we add a new role. Seems to be working well since we started testing.
var isInTfaRole = this.GetRolesForUser(baseUser.UserName, true)
    .Where(r => r.StartsWith("xxx"))
    .Any();
Thanks again for your help, very much appreciated.
Regards Wayne
|
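The role-prefix decision from the post above, pulled out of GetUser so it can be run without ScreenConnect or Active Directory; this is an added example, not part of the thread or of ScreenConnect's code. `TfaPolicy`, `ResolvePasswordQuestion`, the `Support_` prefix and the sample users are hypothetical, and it additionally handles a case the thread does not discuss: a member of a 2FA role whose directory record has no e-mail address.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical helper (not a ScreenConnect API).
public static class TfaPolicy
{
    // Returns the value to pass in the password-question position of the
    // membership-user constructor used in the thread:
    //   "email:<address>" -> user is in a 2FA role and has an address
    //   string.Empty      -> user is in no 2FA role
    //   null              -> user is in a 2FA role but has no usable address;
    //                        the caller should refuse the user instead of
    //                        silently skipping the second factor
    public static string ResolvePasswordQuestion(
        IEnumerable<string> roles, string email, string rolePrefix)
    {
        // An empty prefix matches every role name, so treat it as a
        // configuration error rather than guessing the intent.
        if (string.IsNullOrEmpty(rolePrefix))
            throw new ArgumentException("rolePrefix must not be empty", "rolePrefix");

        // Role names are identifiers: compare them ordinally instead of with
        // the culture-sensitive StartsWith(string) overload.
        bool requiresTfa = (roles ?? Enumerable.Empty<string>())
            .Any(r => r != null && r.StartsWith(rolePrefix, StringComparison.Ordinal));

        if (!requiresTfa)
            return string.Empty;

        // Minimal shape check only: something@something, no whitespace.
        string address = (email ?? string.Empty).Trim();
        int at = address.IndexOf('@');
        bool plausible = at > 0
            && at < address.Length - 1
            && !address.Any(char.IsWhiteSpace);

        return plausible ? "email:" + address : null;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample data; "Support_" is a placeholder role prefix.
        const string prefix = "Support_";
        var samples = new[]
        {
            new { User = "alice", Roles = new[] { "Support_Tier1" }, Email = "alice@example.com" },
            new { User = "bob",   Roles = new[] { "Reporting" },     Email = "bob@example.com" },
            new { User = "carol", Roles = new[] { "Support_Tier2" }, Email = (string)null },
            // Lower-case role name: does not match, role names are case sensitive.
            new { User = "dave",  Roles = new[] { "support_tier1" }, Email = "dave@example.com" },
        };

        foreach (var s in samples)
        {
            string q = TfaPolicy.ResolvePasswordQuestion(s.Roles, s.Email, prefix);
            string outcome = q == null ? "DENY (2FA role, no address)"
                           : q.Length == 0 ? "no second factor"
                           : q;
            Console.WriteLine("{0,-6} -> {1}", s.User, outcome);
        }
    }
}
```

Inside the override, a null result can be handled the same way the thread's code handles an unknown user (`return null;`); whether that blocks the login on a given ScreenConnect version is an assumption to verify.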
|
|
|
 Rank: Newbie Joined: 11/16/2015(UTC) Posts: 4 
|
Sorry to resurrect an old thread here, but I'm hoping to get this working on 5.5 as well. I've got the same 2FA.cs file in app_code and I've modified web.config with the new provider, but I'm getting this compilation error:
Compilation Error Description: An error occurred during the compilation of a resource required to service this request. Please review the following specific error details and modify your source code appropriately.
Compiler Error Message: CS0246: The type or namespace name 'WindowsMembershipProvider' could not be found (are you missing a using directive or an assembly reference?)
Source Error:
Line 3: using Elsinore.ScreenConnect;
Line 4:
Line 5: public class MyWindowsMembershipProvider : WindowsMembershipProvider
Line 6: {
Line 7: public override MembershipUser GetUser(string userName, bool userIsOnline)
|
|
|
|
 Rank: Advanced Member Medals:   Joined: 2/19/2015(UTC) Posts: 262  Location: AZ Thanks: 6 times Was thanked: 52 time(s) in 45 post(s)
|
Originally Posted by: appareledfleck  Source Error:
Line 3: using Elsinore.ScreenConnect; Line 4: Line 5: public class MyWindowsMembershipProvider : WindowsMembershipProvider Line 6: { Line 7: public override MembershipUser GetUser(string userName, bool userIsOnline)
Not sure if this might be the solution to your problem but all references to Elsinore were removed in version 5.3. Any place you see Elsinore.ScreenConnect should be changed to ScreenConnect
|
|
|
|
 Rank: Guest Joined: 2/19/2018(UTC) Posts: 1 
|
Hello, apparently it has changed since ConnectWise 6.5 (we're using 6.5.16479.6613). I'm using the following code to override the OTP field for LDAP connection:
Code:
using System.Linq;
using System.Web.Security;
using ScreenConnect;

public class MyWindowsMembershipProvider : LdapMembershipProvider
{
    public override MembershipUser GetUser(string userName, bool userIsOnline)
    {
        var baseUser = base.GetUser(userName, userIsOnline);
        if (baseUser == null)
            return null;
        return new MembershipUserEx(
            baseUser.ProviderName,
            baseUser.UserName,
            baseUser.UserName,
            baseUser.ProviderUserKey,
            baseUser.Email,
            "email:" + baseUser.Email,
            baseUser.Comment,
            baseUser.IsApproved,
            baseUser.IsLockedOut,
            baseUser.CreationDate,
            baseUser.LastLoginDate,
            baseUser.LastActivityDate,
            baseUser.LastPasswordChangedDate,
            baseUser.LastLockoutDate
        );
    }
}
Has anything changed in the MembershipUserEx constructor? I've also changed the line
Code:
<add name="WindowsMembershipProvider" type="ScreenConnect.WindowsMembershipProvider" />
to
Code:
<add name="MyWindowsMembershipProvider" type="MyWindowsMembershipProvider" />
in web.config. But still, it's not working. LDAP authentication is OK but it's not asking for double authentication. Any suggestions about this?
Thanks & best regards,
Adrien
|
|
|
|
 Rank: Administration Medals:  Joined: 3/28/2014(UTC) Posts: 2,862  Thanks: 3 times Was thanked: 351 time(s) in 303 post(s)
|
I can't say specifically when it changed, but that method now looks like: Code:
public override MembershipUser GetUser(string userName, bool userIsOnline)
{
    if (string.IsNullOrEmpty(userName))
        return null;
    using (var principalContext = this.GetPrincipalContext())
    using (var userPrincipal = UserPrincipal.FindByIdentity(principalContext, userName))
    {
        return userPrincipal == null ? null : new MembershipUserEx(
            this.Name,
            userPrincipal.UserPrincipalName,
            userPrincipal.DisplayName,
            userPrincipal.UserPrincipalName,
            userPrincipal.EmailAddress,
            userPrincipal.Description.SafeNav(d => d.Match("\\[([^\\[]+)\\]").SafeNav(m => m.Groups[1].Value)),
            userPrincipal.Description,
            true,
            userPrincipal.IsAccountLockedOut(),
            DateTime.MinValue, // creation date
            userPrincipal.LastLogon.GetValueOrDefault(),
            userPrincipal.LastLogon.GetValueOrDefault(),
            userPrincipal.LastPasswordSet.GetValueOrDefault(),
            userPrincipal.AccountLockoutTime.GetValueOrDefault(),
            userPrincipal.PasswordNeverExpires ? DateTime.MaxValue : Extensions.TryGet(() => userPrincipal.GetUnderlyingObject().As<DirectoryEntry>().SafeNav(_ => _.InvokeGet("PasswordExpirationDate").To<DateTime>()))
        );
    }
}
|
ScreenConnect Team |
|
|
|