LDAP authentication with VNC for Windows

I've scoured the internet trying to find the answer to this question, but I haven't found it yet. Is there a VNC server that will allow LDAP authentication? The VNC server is a non-domain computer, but connections need to authenticate to an external LDAP server. I currently use RealVNC Enterprise for my VNC server, but I could change products if I gain LDAP functionality.

I'm about to pull my hair out trying to find the answer to this, so if you know the answer I would REALLY appreciate your time.

Thanks in advance!
LVL 2
luke_brannonAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AnuroopsunddCommented:
0
luke_brannonAuthor Commented:
Unfortunately that product doesn't use the VNC protocol. I need a product that supports that protocol because we use VNC apps on mobile devices.
0
Keith AlabasterEnterprise ArchitectCommented:
First of all - VNC is not actually a protocol, it is an application that uses other protocols over the tcp stack. To be pedantic is uses RFB over TCP but if you want the details of it (its very simplistic) you can look it up on the vnc web site. As I recall you select the port number(s) that VNC will listen on.

I would suggest you will need a product akin to Microsoft's ISA Server or the successor, Forefront TMG 2010, which are application gateways which intercept the requests and perform actions along the line of 'man in the middle'. In this case, you may be able to authenticate requests arriving at your location that matched the protocol/port number and pass authentication to their standard services. ISA/FTMG create connections to AD, LDAP, SecureID and RADIUS servers (assuming you have one of those setup) and then either block/allow depending on policy.

I haven't tried VNC as the product has never met our need (or we have never had a need for VNC to be clear on that point) but we DO use many other products such as OWA, FTP, etc that are authenticated by LDAP.

MS provide 180-day trials of TMG and ISA but they are Enterprise products so education on use etc is not small nor is cost.

Keith
0
luke_brannonAuthor Commented:
Keith,

Would the authentication still take place through the VNC authentication prompt? I want to make sure it will be compatible with all of my VNC clients. Do you think this product may be overkill for what I'm trying to do?
0
Keith AlabasterEnterprise ArchitectCommented:
Yes - it is huge overkill but if it provides the one function that you MUST have then potentially it is actually part of the solution. My predicament is that I have never used VNC so can only put this forward as a suggestion.

I know that VNC have looked at LDAP authentication themselves and there appears to be some options for Linux-type installations but I can find nothing for wintel scenarios.

With respect to login prompt, again I have to be vague but in my own I get a prompt from the ISA server with the responses being passed to the authenticating service.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Remote Access

From novice to tech pro — start learning today.