LDSAccess, Odyssey Client and Desktop 5.5

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
jdlessley
Community Moderators
Posts: 9858
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#21

Post by jdlessley »

I need to correct information I posted earlier about filtering. It is true that family history center CCNs are filtered using LDS Extended Access. I also claimed that the one computer I connected to the CCN was filtered using LDS Restricted Access. It appears that I was incorrect. While there is filtering going on, it is not from a Church server or firewall. The filtering is at the administrative computer and it appears to be a configuration change that is part of Desktop 5.5.

It appears that Desktop 5.5 configures the internet control console in the registry to deactivate the security tap since group policies have not been configured. The LAN settings of the internet control console connections tab have been set to use a proxy server (I assume to be a Church server). The filtering I missidentified as LDS Restricted Access is part of the advanced connections properties for the proxy server. The white list I referred to before is a list of sites that do not require internet connections through the proxy. I guess you could call it a white list. But if there is a site you need to connect to you can add it to the list and you will have access. Of course I only did a test on a few common sites I use. The problems I had before when I ran the same test could not be duplicated. Therefore these connection difficulties were a local computer issue and not LDS Restricted Access filtering.

Knowing these things about administrative computers operating with Desktop 5.5 we will develop a local procedure to limit sites that can be added to the proxy server exceptions list.
User avatar
aebrown
Community Administrator
Posts: 15153
Joined: Tue Nov 27, 2007 8:48 pm
Location: Draper, Utah

Failed to connect administrative computer to LDSAccess

#22

Post by aebrown »

jdlessley wrote:We have the same configuration in our stake building. We also do not have problems connecting non-administrative computers to the network using LDSAccess. It is the administrative computers that I have been unable to connect to the network using LDSAccess. That is why I want to see if anybody has been able to do it. I want to know what I might be doing wrong since the GSD technicians could not help me get an administrative computer connected using LDSAccess. We can connect fine using Odyssey Client.

Since I read a thread where a Church employee said they are trying to get away from using Odyssey Client I was hoping to avoid the rush when I set up our administrative computers on the network.

Well, I just tried to connect our stake administrative computer to our CCN using the LDSAccess profile, and I failed. I spent about an hour working with the GSD, and we never got it working. I uninstalled Odyssey, enabled the Wireless Zero service, and restarted the computer. We could see LDSAccess in the list of available networks, and it was correctly identified as using WPA security, but when I tried to connect, I just got the "connecting to the network" progress gauge for several minutes, then it quit trying.

We tried uninstalliing the Linksys driver, then reinstalling it, but that made no difference. The GSD Level 2 support person said that some they've had problems with some wireless adapters connecting to LDSAccess. I have a Linksys USB Wireless-G WUSB54G v4 adapter, with the latest driver (2.1.0.0).

So I reinstalled the Odyssey client and it connected right up and I'm right back where I started. The GSD technician said that although the Odyssey Client may not be installed for future installations, anyone who has the Odyssey client already installed will be be welcome to use it as long as they like.
User avatar
aebrown
Community Administrator
Posts: 15153
Joined: Tue Nov 27, 2007 8:48 pm
Location: Draper, Utah

#23

Post by aebrown »

jdlessley wrote:It appears that Desktop 5.5 configures the internet control console in the registry to deactivate the security tap since group policies have not been configured. The LAN settings of the internet control console connections tab have been set to use a proxy server (I assume to be a Church server). The filtering I missidentified as LDS Restricted Access is part of the advanced connections properties for the proxy server. The white list I referred to before is a list of sites that do not require internet connections through the proxy. I guess you could call it a white list. But if there is a site you need to connect to you can add it to the list and you will have access. Of course I only did a test on a few common sites I use. The problems I had before when I ran the same test could not be duplicated. Therefore these connection difficulties were a local computer issue and not LDS Restricted Access filtering.

I have Desktop 5.5 installed on our stake administrative computer, but I do not see any configuration settings that require a proxy server. The "Use a proxy server" checkbox under LAN Settings is not checked (but it is enabled so I could set it if I wanted to).

So I think your conclusions about Desktop 5.5 requiring a proxy server are incorrect. I'm not sure where your settings are coming from, but my experience leads me to doubt that it is from Desktop 5.5. I also have Local Unit Security Suite installed, so I don't think that is the source of the proxy settings, either.
jdlessley
Community Moderators
Posts: 9858
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#24

Post by jdlessley »

Alan_Brown wrote:Well, I just tried to connect our stake administrative computer to our CCN using the LDSAccess profile, and I failed. I spent about an hour working with the GSD, and we never got it working. I uninstalled Odyssey, enabled the Wireless Zero service, and restarted the computer. We could see LDSAccess in the list of available networks, and it was correctly identified as using WPA security, but when I tried to connect, I just got the "connecting to the network" progress gauge for several minutes, then it quit trying.

We tried uninstalliing the Linksys driver, then reinstalling it, but that made no difference. The GSD Level 2 support person said that some they've had problems with some wireless adapters connecting to LDSAccess. I have a Linksys USB Wireless-G WUSB54G v4 adapter, with the latest driver (2.1.0.0).

So I reinstalled the Odyssey client and it connected right up and I'm right back where I started. The GSD technician said that although the Odyssey Client may not be installed for future installations, anyone who has the Odyssey client already installed will be be welcome to use it as long as they like.

This is exactly my experience. The only difference is we have a Netgear WG311 v3.
jdlessley
Community Moderators
Posts: 9858
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#25

Post by jdlessley »

Alan_Brown wrote:I have Desktop 5.5 installed on our stake administrative computer, but I do not see any configuration settings that require a proxy server. The "Use a proxy server" checkbox under LAN Settings is not checked (but it is enabled so I could set it if I wanted to).

So I think your conclusions about Desktop 5.5 requiring a proxy server are incorrect. I'm not sure where your settings are coming from, but my experience leads me to doubt that it is from Desktop 5.5. I also have Local Unit Security Suite installed, so I don't think that is the source of the proxy settings, either.

You say that you have Local Unit Security Suite installed. I installed Local Unit Internet Security Application version 1.6.1. I don't know if it is the same thing as Local Unit Security Suite or not. If it is then I would like to know where the configuration changes came from.
User avatar
aebrown
Community Administrator
Posts: 15153
Joined: Tue Nov 27, 2007 8:48 pm
Location: Draper, Utah

#26

Post by aebrown »

jdlessley wrote:You say that you have Local Unit Security Suite installed. I installed Local Unit Internet Security Application version 1.6.1. I don't know if it is the same thing as Local Unit Security Suite or not. If it is then I would like to know where the configuration changes came from.
The Local Unit Security Suite is downloaded from mls.lds.org. It does not seem to have any version number in it. It seems to install something from Symantec (the software firewall, I believe) and then it interacts with LANDesk to install or update several things (I wasn't really paying attention, so I can't tell you just what it was).

But I suspect that the Internet Security Application may be something different, because you were definitive about a version number, and because said in this post that you got it from your FM Group. Perhaps that is the source of the configuration changes. I am not familiar with anything called Local Unit Internet Security Application. Has anyone else heard of it?
russellhltn
Community Administrator
Posts: 34417
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#27

Post by russellhltn »

Since it came from the FM group, perhaps they gave you the program that was configured for FHC computers. They do have a proxy configured to allow them to get access to the FHC portal sites. But that wouldn't be the cause of a LDS-only white list.

Both FHC and Admin computers use LANDesk and Symantec, but they are not configured the same way and should not be used interchangeably.
jdlessley
Community Moderators
Posts: 9858
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#28

Post by jdlessley »

I got the Local Unit Internet Security Application, version 1.6.1, from our FM group. The package came coincidentally a few days before I was prepared to migrate the stake computer to internet operations. Our local FM apparently got it from Salt Lake. The CD is a redistributable (reproducible) CD with the Church's logo on it. The cover letter that came with it is from a Lou Johnson. I don't know if he is part of the FM organization or somebody nearer to the IT organization in Salt Lake.

Maybe Tom would know.
User avatar
WelchTC
Senior Member
Posts: 2085
Joined: Wed Sep 06, 2006 8:51 am
Location: Kaysville, UT, USA
Contact:

#29

Post by WelchTC »

jdlessley wrote:I got the Local Unit Internet Security Application, version 1.6.1, from our FM group. The package came coincidentally a few days before I was prepared to migrate the stake computer to internet operations. Our local FM apparently got it from Salt Lake. The CD is a redistributable (reproducible) CD with the Church's logo on it. The cover letter that came with it is from a Lou Johnson. I don't know if he is part of the FM organization or somebody nearer to the IT organization in Salt Lake.

Maybe Tom would know.
He is in a local FM office I believe.

Tom
lajackson
Community Moderators
Posts: 11460
Joined: Mon Mar 17, 2008 10:27 pm
Location: US

#30

Post by lajackson »

There are two different security applications, one for FHCs and one for Admin computers, although I would not begin to know how to tell the difference.

I do know that one stake specialist put the FHC version on an Admin computer, and the fix was to wipe the computer and start over.

Get the Local Unit Security Suite from the MLS download site to be safe.
Post Reply

Return to “Meetinghouse Internet”