Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-7335: Configure RealVNC Enterprise to authenticate with Centrify DirectControl

19 August,16 at 09:22 AM

Applies to: Centrify DirectControl (All Versions)

Background:

Configure RealVNC Enterprise to authenticate with Centrify DirectControl

The following procedure is tested on:
- CentOS 6.5
- RealVNC Enterprise 5.2.0  (on a trial license)
- Centrify 5.1.3

It is highly recommended to read the following Guide before one starts the configuration:
-   VNC User Guide (Version 5.2, dated June 2014) from:
     https://www.realvnc.com/products/vnc/documentation/5.2/

Assumptions:

1.   The system being configured has already joined to an Active Directory domain by using the Centrify ‘adjoin’ command.
2.    Firewall (if turned on on the VNC server) allows network communication to the port (more on this later) on which VNC Server is listening.
3.    ‘xterm’ has been installed on the system. If not, ‘yum install xterm’ to install it.

The following only addresses how to configure Enterprise VNC to authenticate with Centrify DirectControl, running VNC Server in Virtual Mode as a service. It does not address the configuration of Enterprise VNC in Service Mode or User Mode. All the commands specified are run as user ‘root’.

Solution:

* If adding/modifying a file, it is recommended to create a copy of the original file first.
* First section is about installation of VNC, if there is any change or update about installation of Enterprise VNC, please refer to official document from RealVNC.  Reader may refer to the following link as a starting point for related information:

https://www.realvnc.com/docs/deployment-script.html
(Link provided as courtesy)

1.    Install Enterprise VNC
a.    Download Enterprise VNC from https://www.realvnc.com/download/
b.    Get a license key from www.realvnc.com.
c.    Un-compress the downloaded file and install it:
cd /tmp; tar -zxf VNC-5.2.0-Linux-x64-RPM.tar.gz
rpm -U VNC-Server-5.2.0-Linux-x64.rpm

d.    Install the license
vnclicense -add <theLicenseKey>

2.    Configuration
a.    Create new file /etc/vnc/config.d/common.custom with one line of content:
PamApplicationName=vncserver.custom
b.    Create /etc/pam.d/vncserver.custom by coping from system-auth OR common-auth (choice depends on OS)
Either:
cp /etc/pam.d/system-auth /etc/pam.d/vncserver.custom
Or:
cp /etc/pam.d/common-auth /etc/pam.d/vncserver.custom

Note: After the copy, one would see that at the beginning of the file /etc/pam.d/vncserver.custom the Centrirfy PAM library is being used. For example, one would see line like this:
auth       sufficient     pam_centrifydc.so

c.    Start VNC Virtual Mode as a service:
/etc/init.d/vncserver-virtuald start

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.