Need an additional parameter for authentication purposes

While being sent the username automatically can be nice, it is not very flexible for some scenarios.

would it be possible to add another option to the client that can be set by the end user of the client, like $CLIENT_SECRET or similar?

this would allow for me to give the client secret to someone which they enter into their client config. The same thing could happen if you allowed for overriding the username that is passed, but i didnt see a way to do this.

please let me know your thoughts.

on an unrelated issue, why are you storing plaintext passwords in vhui.ini? can these be obfuscated somehow?

#2

I dont really want to add a way to set the username by editing the vhui.ini as it makes it too easy to impersonate someone. At the moment the virtualhere client takes its username from the windows/linux/osx user who is running the client, so the only way to change that is to re-login which i think is the way it should be. Adding an extra login field is a bit of work i dont really want to do unless i get more requests for this, as its too specialized, same with the clear-text password change. The only user who can see the vhui.ini is the one logged in if windows directory permissions are set correctly so it doesnt matter if its plaintext.

#3

would you at lease consider splitting out the variable for the username? as it stands right now, it is inconsistent and less than ideal.

for example, i am on a domain at home, but i have a laptop that isnt both accounts on ad and on the laptop have a name of eric, but the AD one sends in 'eric (eric)' while the other one just sends '(eric)'. Having a variable for full name vs username only would fix this.

as is, this makes things harder to do match wise in an auth script. sure i can do a regex, but what is the value in pulling the first and last name vs just the username?

#4

The user details are consistent. The reason you are not seeing consistency is because your account doesnt have a full name or virtualhere doesnt have permission to read the AD record. Note: the full name is retrieved via this call in windows (https://docs.microsoft.com/en-us/windows/win32/api/lmaccess/nf-lmaccess…) and looking at this usri2_full_name field. In windows the name is retrieved by looking at the USER or LOGNAME environment variables and input to the second argument of that function call. I suppose in theory you could change those environment variables if you have permission to do so.

e.g The user string is full name (user id) e.g "Michael Stuart (mstuart)"

Note: since Linux doesnt have the concept of a full name, the virtualhere client will use the name who is running the client (usually root as its run under sudo) and the user who called "sudo" to start it i.e the real user. e.g "root (michael)"