cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Active Contributor

Re: Credentials not stored in Central or Ignition. All browsers

Ok, I know this is an older thread but here is an update.

 

The client whose credentials were repeatedly being asked for has bought a new computer. I have set it up with LMI and the same username and password and now the LMI Client does remember the details and allows me to log in automatically. So far so good.

 

However I now have another machine which I am in the process of setting up (Windows 10 Pro, brand new) and I have just installed LMI. Remarkably once again I have the issue with the credentials not being remembered. A message comes up that they have been wiped and I have to enter them manually both in LMI Client and LMI Central. Central does at least show the user name but no password is retained.

 

What is going on here? There must be a reason. It must be something at the host end otherwise why would it affect both LMI Client and Central?

 

We really need an answer to this.

Highlighted
Active Contributor

Re: Credentials not stored in Central or Ignition. All browsers

I have now examined the log on the host machine and am seeing some entries which might explain why I am not able to log in automatically and have to enter the credentials again.

 

One such entry is this: ....Login failed: Account restrictions are preventing this user from signing in. For example: blank passwords aren't allowed, sign-in times are limited, or a policy restriction has been enforced. (1327)

 

As far as I can see none of those reasons apply although I don't know how the sign-in time could be adjusted or what policy restriction could be in force. The password is definitely not blank.

 

Another log entry I have seen is this one: ....Error - LogMeIn - NT AUTHORITY\SYSTEM - 08804 - 0x0000103C - DecryptCredentials - Failed to query key by id: f9f12d4e90e941526f90a6d71d0cd7f1, error: 766

 

And yet another entry that may be relevant is this one: ....LogMeIn - NT AUTHORITY\SYSTEM - 08804 - 0x0000103C - DecryptCredentials - RSA_check_key returned with invalid RSA key: error:0407B07B:lib(4):func(123):reason(123)

 

Can anybody throw some light on what is happening and how it might be resolved?

Highlighted
Active Contributor

Re: Credentials not stored in Central or Ignition. All browsers

OK so I'm answering my own question again here. Just in the hope that we may advance this problem to the point where we get an answer. It seems to be to do with the fact that the remote machine is not giving up the login details to the client machine. As the client machine has nothing to compare the credentials to, it flags as either an incorrect login or wiped credentials.

 

A bit of investigation on this has revealed a feature of Windows known as Remote Credential Guard. Effectively, when active, this feature prevents the host machine passing login credentials to a remote machine. Another layer of security against hackers, if you like.

 

There are some methods online which are supposed to resolve this. One is via the Group Policy Editor and one is a registry hack. I have tried both but still no luck. However at least we now know that it is the remote host that is the root of the problem. Perhaps someone out there may have some other thoughts on what could be preventing it giving up the necessary data to allow the automatic login?

Highlighted
LogMeIn Contributor

Re: Credentials not stored in Central or Ignition. All browsers

You might be able to try this method to regenerate the self-signed key there:

 

"C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe" cert -createca "LogMeIn CA on %COMPUTERNAME%" -createsc "%COMPUTERNAME%"