logo
Welcome Guest! You can not login or register.

Notification

Icon
Error

Options
Go to last post Go to first unread
dgruen  
#1 Posted : Friday, October 19, 2018 2:30:13 PM(UTC)
dgruen


Rank: Guest

Joined: 10/19/2018(UTC)
Posts: 1
Switzerland

Hi@all

I'm testing connectwise control as on-premise solution.
In my test I have activated LDAP authentication. Basically, that would be a great thing.
Now I have recognised that in a case of brut force attack from internet to our ConnetWiese login page, my Active Directory account will become locked.

This means for me, I cann't use LDAP for Authentication without risking that Active Directory accounts could be affected.
I have not found any helpful solution yet.

Is there a configuration to prevent an lockout from Acive Directory accounts?
Or is ther a configuration that ensures a use of LDAP only in our internal LAN and for access from internet only local ConnectWise accounts?

I'm thankful for all the helpful hints.

Scott  
#2 Posted : Wednesday, November 14, 2018 2:02:40 PM(UTC)
Scott


Rank: Administration

Medals: Level 4: Wise Old Owl! Received 100 Thanks!

Joined: 3/28/2014(UTC)
Posts: 2,862
United States

Thanks: 3 times
Was thanked: 351 time(s) in 303 post(s)
I can certainly understand wanting to avoid unnecessary lockouts for Active Directory users although in this case I'm inclined to think that its desired behavior. If someone were attempting to brute force a user's password you would want the same security applied at the Windows authentication level to LDAP requests for authentication.

As a potential alternative, we added both SAML and OAuth as possibilities for authentication. You can use ADFS to authenticate this way.

Also, please don't hesitate to register your request within our Product Feedback Portal.
ScreenConnect Team
Users browsing this topic
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.