Windows Login with RDP support

Windows Authentication and Authorization backed by the Foxpass LDAP server

🚧

This feature is still in "beta". We welcome you to test it, and we look forward to your feedback.

Foxpass now supports a native Windows login screen supporting Authentication and Authorization backed by our LDAP server. Access over RDP is also supported. This product is currently in beta mode and free to test by everyone. In the near future, this product will become a paid product.

Features

  1. Agentless Windows authentication and authorization backed by the Foxpass LDAP server.
  2. Allow specific users to access specific Windows machines by configuring host groups with a set of your own rules.
  3. Make a user a Windows Administrator or normal user based on a preconfigured LDAP group.
  4. New users automatically get a new account on the Windows Machine.
  5. Log in to the Windows Machine even without an active internet connection.
  6. Support for login via RDP (Remote desktop protocol).
  7. Easy installation and quick configuration to get started.

Getting started

  1. Get the Windows installer by going here.
  2. Run the installer on your Windows machine (ignore the Windows Defender warning) and follow the steps to install the product.
  3. After installation, open the Foxpass Windows Login shortcut from your Desktop. Click on the Settings button and fill in your LDAP Binder details and API key. To get LDAP Binder details, go to Foxpass console binder's page, create a new Binder 'windows-binder' and copy the binder-name and password from there. To get your API key, go to the API keys page on your Foxpass Console.

  1. Logout from your current user and you will be able to see the Foxpass Windows Login screen now. You can now log in using your Foxpass Username (not email) and Password. Foxpass Windows login will automatically create a new user the first time (takes a few minutes) if the user doesn't exist on your local machine.

RDP (Remote desktop protocol)

Foxpass Windows Login screen can be configured to be available over RDP / Remote Desktop (Windows, Mac).

  1. Install the Foxpass Windows Login Screen, configure it as explained in the earlier sections, and do a test login via your Foxpass username and password.
  2. Have the IP address of your Windows machine ready i.e. private IP if accessing windows over RDP on your local network or the dedicated public IP if accessing windows over RDP on the internet.
  3. Download the Foxpass RDP configuration script.cmd file and Run it as Administrator.
  4. Download the Foxpass RDP access.rdp file and open it in Notepad / another text editor. Update the full address:s:10.0.0.181 to reflect your IP address from step 2. Save the file and double click to run it in the Remote Desktop software (Windows, Mac). You also need to update the username and that can be found here.
  5. Restart windows once. Now, you can connect to your Windows instance using the updated RDP file and on connecting, it will present you with the Foxpass Windows Login screen.

Note: For windows hosted on Amazon EC2 , the full address is your Public IPv4 DNS address. This can be found by selecting your Windows instance in the AWS console and under the Instance summary.

1142

RDP Settings for Amazon EC2

FAQs

Q1. How can I make a user a Windows Administrator?
Go to the Groups settings page in Foxpass Console. Create a new group with the specific name Windows-Administrators and add the required users to that group to make them Administrators. Next time those users log in via the Foxpass Windows Login screen, they will become Administrators for that Windows machine.

Q2. How can I configure a Host group?
Go to the Hostgroups settings page in Foxpass Console. Edit existing or create a new host group with a name of your choice such as Windows-Hostgroup and add all users / required members / required group members to that host group. Next, configure the rules by clicking on Expand. A sample rule is Hostname exactly matches Win21Office where Win21Office is your Windows' computer name. Next time those users log in via the Foxpass Windows Login screen, they will be allowed or disallowed to access the Windows machine based on the Hostgroup and it's rules that you just setup.

Q3. What if I don't have internet connectivity, will I be able to log in?
If you don't have internet connectivity, you can log in using the local User icon shown separately on the Login screen.

Q4. What if I change my password in the Foxpass console?
If you change your password in the Foxpass console, you will be able to login to Windows using the new password via the Foxpass Windows Login screen. It will also update the local password for that user.

Q5. How can I know any successful and unsuccessful Windows login attempts?
Any successful and unsuccessful Windows login attempts will be shown in the LDAP logs screen in your Foxpass console. If no logs are shown, check your LDAP binder information and password as explained in step 3 above.

Q6. I have configured RDP but still not able to connect to the Windows machine?
Please ensure the following checklist is working fine:

  • Windows machine is turned on and has internet access.
  • You have installed and configured Foxpass Windows login screen and tested that it is working fine.
  • You have properly configured the RDP settings with the Foxpass RDP configuration script.
  • You have the correct IP address in the Foxpass RDP access.rdp file.

Q7. Can I access a Windows instance running on VirtualBox over RDP?
Yes, via VirtualBox extension pack, you can enable RDP access to a Windows instance running on VirtualBox. Refer to this article for more information.

Do not hesitate to reach out to us if you have any feedback or issues.