sheckandar's community posts

I tried the test files, but the issue persists. In addition, I am seeing another error on the host side.

Code: #35#
Event: Password is incorrect or error occurs.
IP: loopback

Code: #63#
Event: Exception: Error TMyOpenSSLSocket.ReadStream. (EMyOpenSSLException).
IP: 
Dat a:
date/time          : 2024-12-22, 17:49:35, 850ms
computer name      : <redacted>
user name          : SYSTEM <admin>
registered owner   : Recovery
operating system   : Windows 10 x64 build 19045
system language    : English
system up time     : 16 hours 40 minutes
program up time    : 43 seconds
processors         : 4x Intel® Core™ i5-6500T CPU @ 2.50GHz
physical memory    : 11708/16231 MB (free/total)
free disk space    : (C:) 150.18 GB
display mode       : 1024x768, 32 bit
process id         : $2a8c
allocated memory   : 38.10 MB
largest free block : 1.63 GB
command line       : "C:\Program Files (x86)\Remote Utilities - Host\rutserv.exe" -service
executable         : rutserv.exe
exec. date/time    : 2024-10-16 21:30
version            : 7.6.2.0
callstack crc      : $9f1db5de, $37061158, $37061158
exception number   : 1
exception class    : EMyOpenSSLException
exception message  : Error TMyOpenSSLSocket.ReadStream.

thread $20d8 (TMyOpenSSLMsgTransportThread):
00ec49e3 +0b7 rutserv.exe  uOpenSSLUtils   942 +34 TMyOpenSSLSocket.ReadStream
00ec49e9 +0bd rutserv.exe  uOpenSSLUtils   942 +34 TMyOpenSSLSocket.ReadStream
00ec4a83 +037 rutserv.exe  uOpenSSLUtils   955  +5 TMyOpenSSLSocket.ReadInt32
00ec540b +2df rutserv.exe  uOpenSSLUtils  1241 +99 TMyOpenSSLMsgTransportThread.Execute
00bbc293 +02b rutserv.exe  madExcept               HookedTThreadExecute
00bbc2fe +096 rutserv.exe  madExcept               HookedTThreadExecute
00c4b625 +049 rutserv.exe  System.Classes          ThreadProc
00c4b688 +0ac rutserv.exe  System.Classes          ThreadProc
00b0b174 +028 rutserv.exe  System         1267  +0 ThreadWrapper
00bbc179 +00d rutserv.exe  madExcept               CallThreadProcSafe
00bbc1de +032 rutserv.exe  madExcept               ThreadExceptFrame
00bbc254 +0a8 rutserv.exe  madExcept               ThreadExceptFrame
7681fcc7 +017 KERNEL32.DLL                         BaseThreadInitThunk
>> created by thread $269c (TIdThreadWithTask) at:
00c4b6ec +018 rutserv.exe  System.Classes          TThread.Create

main thread ($924):
00000000 +ff4c390c rutserv.exe madStackTrace +0 StackAddrToStr
>> stack will be calculated soon

cpu registers:
eax = 04bcc450
ebx = 00ec0f64
ecx = 00000000
edx = 027dadf8
esi = 04bcc450
edi = 00bbc1ac
eip = 00ec49e8
esp = 081ef800
ebp = 081ef854

stack dump:
081ef800  e8 49 ec 00 de fa ed 0e - 01 00 00 00 07 00 00 00  .I..............
081ef810  14 f8 1e 08 e8 49 ec 00 - 50 c4 bc 04 64 0f ec 00  .....I..P...d...
081ef820  50 c4 bc 04 ac c1 bb 00 - 54 f8 1e 08 30 f8 1e 08  P.......T...0...
081ef830  72 aa b0 00 89 49 ec 00 - 5c f8 1e 08 eb 49 ec 00  r....I..\....I..
081ef840  54 f8 1e 08 08 4a 03 00 - 30 c1 bc 04 04 00 00 00  T....J..0.......
081ef850  08 4a 03 03 74 f8 1e 08 - 86 4a ec 00 7c f8 1e 08  .J..t....J..|...
081ef860  48 a8 b0 00 74 f8 1e 08 - 00 00 00 00 00 00 00 00  H...t...........
081ef870  00 00 00 00 ec f8 1e 08 - 0e 54 ec 00 f4 f8 1e 08  .........T......
081ef880  48 a8 b0 00 ec f8 1e 08 - 00 15 ff 02 2c 51 ec 00  H...........,Q..
081ef890  40 c8 40 06 f0 fb 3e 06 - f0 fb 3e 06 40 c8 40 06  @.@...>...>.@.@.
081ef8a0  68 c8 40 06 00 00 00 00 - d0 c1 bc 04 80 ff 3e 06  h.@...........>.
081ef8b0  68 c8 40 06 01 00 00 00 - 01 00 00 00 00 00 00 00  h.@.............
081ef8c0  00 00 00 00 3d a9 93 03 - 00 00 00 00 47 90 93 03  ....=.......G...
081ef8d0  00 00 00 00 14 00 00 00 - 00 00 00 00 00 00 00 00  ................
081ef8e0  00 00 00 00 00 00 00 01 - 50 14 1d 06 1c f9 1e 08  ........P.......
081ef8f0  95 c2 bb 00 00 f9 1e 08 - 18 a6 b0 00 1c f9 1e 08  ................
081ef900  24 f9 1e 08 00 c3 bb 00 - 1c f9 1e 08 ac c1 bb 00  $...............
081ef910  00 15 ff 02 6c f9 1e 08 - 50 14 1d 06 4c f9 1e 08  ....l...P...L...
081ef920  28 b6 c4 00 30 f9 1e 08 - 32 b6 c4 00 4c f9 1e 08  (...0...2...L...
081ef930  54 f9 1e 08 8a b6 c4 00 - 4c f9 1e 08 ac c1 bb 00  T.......L.......

disassembling:
[...]
00ec49cb       mov     dword ptr [eax+$24], $a
00ec49d2 942   mov     ecx, $ec4a08
00ec49d7       mov     dl, 1
00ec49d9       mov     eax, [$ec08f0]
00ec49de       call    -$360f93 ($b63a50)     ; System.SysUtils.Exception.Create
00ec49e3     > call    -$3ba07c ($b0a96c)     ; System.@RaiseExcept
00ec49e8       pop     eax
00ec49e9       jmp     eax
00ec49eb       jmp     -$3ba228 ($b0a7c8)     ; System.@HandleFinally
00ec49f0       jmp     loc_ec49b7
00ec49f2 945   movzx   eax, byte ptr [ebp-$d]
[...]

Conrad Sallian wrote:

Hello Sheckandar,

Do you use RU Server in your setup?

Yes, I do.

1. Host domain and Viewer domain are unrelated and cannot have trust set up.
2. Time is correct on all computers and synced via NTP.
3. I am not being asked to enter any credentials before authentication failure is reported.
4. I think kerberos is set up correctly as I can authenticate for RDP and it works.

I set up SPN for my username as

host/<username>.<fqdn>

, however, the issue remained. Also, the SPN entry under Connection Properties -> Security disappears after each authentication attempt.

I would like to know more about how kerberos authentication is handled.

I was under the impression that the Host would initiate kerberos authentication as it is the only endpoint inside the AD domain. All other software is outside the domain and cannot communicate with the kerberos server. Furthermore, since I'm not being asked to enter any credentials, I'm assuming that the Viewer is using logged on user's security context to request a kerberos ticket, which would fail since the domains are different.

We have NTLM disabled across the entire domain. I'm trying to use kerberos Windows Authentication, but it fails.

Host error:

Code: #35# Event: Password is incorrect or error occurs. IP: loopback

Hosts are connected to a self hosted server outside of the domain. Viewer is on another PC and connecting to hosts over Internet via the self hosted server. The PC with Viewer is domain joined to a different domain.

All Remote Utilities software is of the latest version.