Knowledge Base
All KB
Documents DT Documents
Articles & FAQs AR Articles
Trouble Reports TR Trouble Reports
Software Updates SU Software Updates
Searching in : Article
ID: AR04O00925
Applies to: NoMachine Software
Added on: 2017-04-14
Last Update: 2024-10-25

Troubleshooting NoMachine in a Active Directory Domain

CASE 1

When NoMachine (server) is already installed on a Active Directory Domain controller, depending on how AD is configured, next installations of NoMachine (server) on Linux domain clients being part of this AD environment may not work properly.

The installation of NoMachine on the AD controller creates the "nx" user which is added to the Domain Users database. This prevents the nx home directory from being created locally on the Linux domain client with proper rights, required for NoMachine to work correctly.

A symptom of this issue can be observed in the installation log file located in /usr/NX/var/log/nxinstall.log :

"User: nx is network user."

Important:

Installing NoMachine on AD controller can break existing NoMachine installations on some domain clients.

 

Possible alternative solutions:

1) If Centrify identity management system is used with AD

Add the nx user to the 'user.ignore' file.

Login as root:

$ sudo su

$ echo "nx" >> /etc/centrifydc/user.ignore

2) If SSSD Authentication is used with AD

Change the configuration in the sssd.conf file by adding this line:

use_fully_qualified_names = True

Important:
This disables possibility to connect to Domain User account with shortened name.


3) Uninstall NoMachine from the AD controller 

Last option is to uninstall NoMachine from the Windows AD controller host, if possible.
 

CASE 2

When NoMachine (server) is installed on a Active Directory Domain controller, the nxserver doesn't start when the machine is rebooted. A symptom of this is that the !M icon is not present in the system tray.

This problem occurs when the nxservice starts before the Active Domain controller service and therefore NoMachine is unable to correctly impersonate the nx user.

To avoid that nxservice is started before the AD service
1) open the registry editor as administrator (redegit.exe in Power Shell). 
2) Find this key:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\nxservice
3) and add the following string key:
Name: DependOnService
Value: NTDS
4) Save and restart windows.