Users Unable to Authenticate Using Remote Authentication

Users Unable to Authenticate Using Remote Authentication

APPLIES TO

eXactACCESS Server 4.x

PROBLEM/NEED

Users are unable to log in to XA on XA Client Systems configured in Kiosk Mode and using Remote Authentication.

PRESENTATION

When users attempt to log in to XA, they receive an error message saying: "Logon Message: You do not have permissions to log on. Contact your system administrator or help desk."

ROOT CAUSE

The root cause of this issue is usually that the Remote Authentication server has not had the proper security policies applied.

RESOLUTION

The following Local Security Policies must be applied. See Remote Authentication for more information on this process.

1. Domain Users (or the restricted set of users allowed to perform remote authentication) must be added to "Log on as Batch Job"

2. The SERVICE ACCOUNT running the HCI Remote Authentication Server service must be granted "Act as part of Operating System" and "Impersonate a client after authentication" permissions.

3. Domain Users (or the restricted set of users allowed to perform remote authentication) must be granted 'Read & Execute' rights to the directory C:\Program Files (x86)\HealthCast\eXactACCESS\SessionDir and the file C:\Program Files (x86)\HealthCast\eXactACCESS\SessionDir\HasAccess.txt

   • Ownership of this folder and file may be changed to 'System' during an XA Server upgrade.  If ownership is assigned to 'System' it will need to be changed so that the owner of this file and folder is an administrative account or group.