Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Auto-logout
  •  
tgeery

Messages: 8
Karma: 0
Send a private message to this user
Is there a way, via script or otherwise (sample script would be great if by script) to have a user get auto-logged out of Winroute other than the timeout feature in the Advanced Settings dialog?

The reason I ask is that if a user in a non-domain network logs off their computer and another user logs on, the first user is still logged into Winroute and the second user is now able to gain internet access based on the first users credentials.

If there was a way to auto-log out of Winroute, this issue could be prevented...

TIA!
  •  
tgeery

Messages: 8
Karma: 0
Send a private message to this user
Wow! Not a single hit on this query???
  •  
adrianpreoteasa

Messages: 5
Karma: 0
Send a private message to this user
Yes i have the same question. I am searching this forums for 2 days now and didn't found any tip about the way to log-out from firewall the user befor Windows log-off.

Also it will be grate if somebody know how to log-in the user at the firewall automaticly at the windows log-on, so that the non-web trafic could be counted (messenger,ftp...).
  •  
soukupl

Messages: 70
Karma: 0
Send a private message to this user
tgeery wrote on Tue, 13 April 2004 00:32

Is there a way, via script or otherwise (sample script would be great if by script) to have a user get auto-logged out of Winroute other than the timeout feature in the Advanced Settings dialog?

The reason I ask is that if a user in a non-domain network logs off their computer and another user logs on, the first user is still logged into Winroute and the second user is now able to gain internet access based on the first users credentials.

If there was a way to auto-log out of Winroute, this issue could be prevented...

TIA!



YES. You can use CURL.exe to do this....
Just call this with logout script:
curl.exe http://gateway/fw/login?ButtonLogout=1

You can download curl.exe here: http://curl.haxx.se/download.html

Ladislav Soukup
  •  
adrianpreoteasa

Messages: 5
Karma: 0
Send a private message to this user
Hello soukupl,

Do you know a way to sign-in users with a Logon script useing this little program?

I have tryed the following:
curl -o x.x --ntlm --location-trusted http://www.google.com/
curl -o x.x --ntlm --location-trusted http://gateway/fw/login/
curl -o x.x --ntlm --location-trusted http://gateway/fw/ntlm/login/
and none has worked out for me. Very rare it happens that i get logged in but most of the time i get the Login KWF web page.
I have used a pretty standart NTLM,SSL,SSIP... curl binary.

If you know any way to set up a Logon script (to KWF) with curl, please post here.

At the moment i smply pop-up the web browser at the logon to force clients to logon, but this is not very nice...

[Updated on: Wed, 24 May 2006 14:23]

  •  
soukupl

Messages: 70
Karma: 0
Send a private message to this user
adrianpreoteasa wrote on Wed, 24 May 2006 14:20


Do you know a way to sign-in users with a Logon script useing this little program?


CURL.exe can't send NTLM. You can try VBS script...

This code is not tested!
Dim oIE
Set oIE = CreateObject("InternetExplorer.Application")
oIE.Visible = False
oIE.Fullscreen = False
oIE.Toolbar = True
oIE.Statusbar = True
oIE.Navigate("http://www.google.com/")


!!! there should be somethink like, oIE.close(), but I don't have time to test it.
BTW: While tisting, set oIE.Visible = True


Ladislav Soukup
  •  
opsi

Messages: 2
Karma: 0
Send a private message to this user
Dim oIE
Set oIE = CreateObject("InternetExplorer.Application")
oIE.Visible = FALSE
oIE.Fullscreen = False
oIE.Toolbar = True
oIE.Statusbar = True
oIE.Navigate("http://www.google.com/")
oIE.quit

ITS WORK
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Just out of curiosity;
Why would you want to log them into the firewall upon Windows login? Isn't it sufficient that they get logged in when starting a browser session? One reason I can think of: is it so that users can use other protocols then HTTP before actually having to open a browser to open the firewall?
  •  
soukupl

Messages: 70
Karma: 0
Send a private message to this user
winkelman wrote on Thu, 01 June 2006 11:17

Just out of curiosity;
Why would you want to log them into the firewall upon Windows login? Isn't it sufficient that they get logged in when starting a browser session? One reason I can think of: is it so that users can use other protocols then HTTP before actually having to open a browser to open the firewall?

We have problems with Nokia PC suite... When PC suite starting it wants to connect to nokia.com and download some updates... If it is redirected to KWF login page, Nokia PC suite will crash Sad
OK, Nokia PC suite is very bad software - you know... NOKIA: Connecting people, not devices Wink

Ladislav Soukup
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Nokia's Suite is like a spoiled child: if it doesn't immediately get what it wants, it breaks down Smile
  •  
adrianpreoteasa

Messages: 5
Karma: 0
Send a private message to this user
winkelman wrote on Thu, 01 June 2006 11:17

Just out of curiosity;
Why would you want to log them into the firewall upon Windows login? Isn't it sufficient that they get logged in when starting a browser session? One reason I can think of: is it so that users can use other protocols then HTTP before actually having to open a browser to open the firewall?



Exactly we need to have them (users) authenticated to the firewall before any user service starts to use Internet.
  •  
uniquegodwin

Messages: 13
Karma: 0
Send a private message to this user
Hello,
Even we need the same feature...
I'd be surprised if KWF doesn't have any way this when all the other UTM devices have this feature.

Is this totally impossible with kwf?
  •  
Steve B.

Messages: 2
Karma: 0
Send a private message to this user
If it were me I'd create a custom http rule for the Nokia software and then adjust the priority of the rule to fall above the HTTP authenticated users rules. This is typically done for Windows and Apple updates for most default installations.

For the Nokia rule you would need to add the site to an "allowed sites" list of some sort. Then just reference this list when you issue the rule.

-Steve
Previous Topic: DNS Problem
Next Topic: DHCP with MAC Adressing takes first dynamic range
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 03:57:39 CET 2017

Total time taken to generate the page: 0.00551 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.