482836 – Unable to login with domain user

Bug 482836 - Unable to login with domain user

Summary: Unable to login with domain user

Status:	RESOLVED DUPLICATE of bug 481968

Alias:	None

Product:	krdc
Classification:	Applications
Component:	RDP (show other bugs)
Version:	24.02.0
Platform:	Arch Linux Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	Urs Wolfer

URL:
Keywords:	regression

Depends on:
Blocks:

Reported:	2024-03-08 08:51 UTC by shivarryn
Modified:	2024-03-08 14:56 UTC (History)
CC List:	3 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Attempt to provide the domain to libfreerdp (1.36 KB, patch) 2024-03-08 08:51 UTC, shivarryn	Details
View All Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description shivarryn 2024-03-08 08:51:33 UTC

Created attachment 166687 [details]
Attempt to provide the domain to libfreerdp

SUMMARY
Starting from 24.02.0, I'm unable to login using the DOMAIN\USER username.
Version 23.08.5 works correctly, as well as invoking xfreerdp directly with the parameters /u:USER /d:DOMAIN or /u:DOMAIN\\USER.

STEPS TO REPRODUCE
Login attempt with a domain user (DOMAIN\USER) results in authentication failure:

KRDC: Starting RDP session
[09:14:14:707] [85344:85344] [WARN][com.freerdp.crypto] - Certificate verification failure 'self-signed certificate (18)' at stack position 0
[09:14:14:707] [85344:85344] [WARN][com.freerdp.crypto] - CN = xxxxxxxx
[09:14:15:909] [85344:85344] [WARN][com.freerdp.core.nla] - SPNEGO received NTSTATUS: STATUS_LOGON_FAILURE [0xC000006D] from server
[09:14:15:909] [85344:85344] [ERROR][com.freerdp.core] - nla_recv_pdu:freerdp_set_last_error_ex ERRCONNECT_LOGON_FAILURE [0x00020014]
[09:14:15:910] [85344:85344] [ERROR][com.freerdp.core.rdp] - rdp_recv_callback: CONNECTION_STATE_NLA - nla_recv_pdu() fail
[09:14:15:910] [85344:85344] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -1
KRDC: Unable to connect
KRDC: ERRCONNECT_LOGON_FAILURE Logon failed.

ADDITIONAL INFORMATION

It is probably related to the xfreerdp -> libfreerdp change.

Looking at the code, it seems that the domain is not parsed and provided to the freerdp library.
I tried then with the attached patch -- it seems to proceed, but now I encounter a different error (connection closed by remote server?):

KRDC: Starting RDP session
[09:18:29:151] [88014:88014] [WARN][com.freerdp.crypto] - Certificate verification failure 'self-signed certificate (18)' at stack position 0
[09:18:29:151] [88014:88014] [WARN][com.freerdp.crypto] - CN = xxxxxxxx
[09:18:29:454] [88014:88014] [ERROR][com.freerdp.core.transport] - BIO_read returned a system error 104: Connessione interrotta dal corrispondente
[09:18:29:454] [88014:88014] [ERROR][com.freerdp.core] - transport_read_layer:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D]
[09:18:30:976] [88014:88014] [ERROR][com.freerdp.core.transport] - BIO_read returned a system error 104: Connessione interrotta dal corrispondente
[09:18:30:976] [88014:88014] [ERROR][com.freerdp.core] - transport_read_layer:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D]
[09:18:30:976] [88014:88014] [ERROR][com.freerdp.core] - freerdp_post_connect failed
KRDC: Unable to connect
KRDC: ERRCONNECT_CONNECT_TRANSPORT_FAILED The connection transport layer failed.

I am unable to debug further at this point.

freerdp version is 2.11.4.

Comment 1 Tony Murray 2024-03-08 14:56:00 UTC

*** This bug has been marked as a duplicate of bug 481968 ***