LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-19-2017, 10:59 AM   #1
Henry195
LQ Newbie
 
Registered: Apr 2017
Posts: 3

Rep: Reputation: Disabled
RDP with PKI credential from a Linux system to Windows Domain Controller


I have been told that we are unable to authenticate a Linux client over RDP to a Windows based Domain with PKI credentials.
Questions: 1) Is this supported on Linux 5.3? 2) if no is there a version of Linux that supports this configuration? 3) If yes what version of Linux will is supported? 4) If no is there a work around or do I need to implement a different protocol other than RDP? i.e. PKI over SLL Port 443

Details are below:

Linux version in use is 5.3 and Windows Server 2008R2 (terminal services).
Authentication through terminal services running Windows 2008R2 for a windows 2008R2 domain.

The Linux system is connected through an ASA5525x firewall (System boundary) to the edge switch of the Windows system. Microsoft terminal services are running for the RDP connection. The Linux system would like to authenticate PKI Logon over TCP-3389 for the end user for access to both LAN. In addition the PKI credentials need to be offered to some required WAN.

Thank you for any help in answering these questions.
 
Old 04-19-2017, 12:10 PM   #2
rtmistler
Moderator
 
Registered: Mar 2011
Location: MA, USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 8,037
Blog Entries: 13

Rep: Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486
Welcome to LQ.

Linux 5.3 what distribution? Sounds like RHEL, if so that is old.

Windows Server 2008R2 is older than RHEL 5.3

Both of those products ended normal support and are on extended support from the manufacturers.

RDP and using PKI as well as SSL (if that also was a typo on your part) are all very capable with current versions of both RHEL and Windows server.

You may need to perform upgrades or patches to ensure you can get this working.

Suggest you provide some additional details about the Linux machine if you wish to use it as a client to the W2008 server.
 
Old 04-19-2017, 01:11 PM   #3
Henry195
LQ Newbie
 
Registered: Apr 2017
Posts: 3

Original Poster
Rep: Reputation: Disabled
Thank you for welcoming me and the quick reply.

Sorry yes it is a RHEL distribution and I made a mistake about the exact version looks to be 5.8. Linux is used as a client to RDP into the terminal server.

Both RHEL and Windows2008R2 are maintained with patching however updating them is not no option, these 2 systems are military and they are not in a current update cycle.

Yes we need to RDP with PKI credentials form the Linux client to the 2008R2 terminal server. This is the current configuration and I am told it will not work. The SSL approach was an alternative solution to RDP between Linux and windows using PKI authentication.

I have uploaded an attachment of a quick diagram as well.
Attached Files
File Type: pdf Visio-System Interface Diagram3.pdf (93.9 KB, 2 views)
 
Old 04-19-2017, 01:50 PM   #4
rtmistler
Moderator
 
Registered: Mar 2011
Location: MA, USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 8,037
Blog Entries: 13

Rep: Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486
I would guess that the detailed answers can come from RedHat support to advise you what exactly you can and cannot do with your particular system, considering that you cannot change it.

You can try to install rdesktop to see if you can establish a client with the 2008 server.
 
Old 04-19-2017, 02:45 PM   #5
Henry195
LQ Newbie
 
Registered: Apr 2017
Posts: 3

Original Poster
Rep: Reputation: Disabled
Thank you for your time. It sounds like once we are in an upgrade cycle where we will migrating to RHEL 7.3 and Widnows2016. We will not have an issue and we will be able to RDP with PKI authentication natively between the two systems?
 
Old 04-19-2017, 02:50 PM   #6
rtmistler
Moderator
 
Registered: Mar 2011
Location: MA, USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 8,037
Blog Entries: 13

Rep: Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486Reputation: 3486
Quote:
Originally Posted by Henry195 View Post
Thank you for your time. It sounds like once we are in an upgrade cycle where we will migrating to RHEL 7.3 and Widnows2016. We will not have an issue and we will be able to RDP with PKI authentication natively between the two systems?
I'm assuming so, however when you are in that upgrade cycle, you can very much contact RedHat to get the specific instructions as to how to install, configure, and use rdesktop to accomplish RDP with the Windows server. And likely they may also have guidance on any important settings recommended for Windows.
 
Old 04-19-2017, 03:32 PM   #7
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Yawnstown, Ohio
Distribution: Mojave
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
I connect to Win200x servers every day using rdesktop.
Never seen it ask for a Certificate, nor any place to utilize one. Must be a GUI/Client issue?

Maybe remmina will do a cert.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Replacing a Windows Domain Controller with a Linux:OpenLDAP importing from Windows AD mstevensfullarmor Linux - Enterprise 14 02-15-2012 06:05 PM
[SOLVED] Linux Domain Controller on a current Windows Server Domain LaurelRaven Linux - Server 3 02-02-2012 07:43 AM
Linux as a windows domain controller? tehkaao Linux - Server 2 12-14-2007 10:35 AM
Linux domain controller like system? PeterN Linux - Newbie 4 12-22-2003 11:59 AM
Windows domain controller and Linux Apox Linux - Networking 1 08-01-2003 07:25 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:59 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration