By default, Cameyo runs app sessions by connecting to the application servers as generic users (e.g. RemoteUser1, RemoteUser2, etc.). While this is our recommended configuration, some use cases require the use of Active Directory users for things like local network file server access, database authentication, and so on. This article will explain how to configure a Cameyo server to have users log in with their AD users, instead of getting allocated to generic user accounts.

On-premise (self-hosted) Cameyo server

Join the server in question to your domain. After this has been done, connect to the server and add the Domain Users group to the Remote Desktop Users group on that server. (If you do not do this, only Domain Admins will be able to connect to apps on the server.)

Next, in the Cameyo Admin Console, go to the server details page for the server you want to change, then scroll down to the Server Cluster section. From the "User profiles" dropdown menu select Native Windows Accounts. Click Save, then in the Commands section, click "Restart Services". The Cameyo services on the server should restart within around 30 seconds.

Once the services have restarted, launch an application on the server. You will be prompted for Active Directory user credentials:

If you would like the user's credentials to be remembered across sessions, you can add the Powertag !NWASAVELOGIN=1 to the server or cluster's Powertags field. This will cause a cookie to be saved on the user's browser that identifies them the next time they start a session, and the user will be automatically logged in. Note: The usage of a cookie means that user credentials will not be saved if the user uses a different browser or a different device, or if they clear their cookies or are in a browser privacy mode.

(Optional): In the Server Cluster section of the server details page, you can enter your AD domain name, which would allow users to log in without entering the domain name. This may not be necessary to do in a single-domain AD environment, so test to see what works best for you.

Cloud servers

If your Cameyo servers run from the cloud with no VPN connection into the domain, you can still connect Cameyo's portal authentication to Azure AD or other cloud-based SSO providers. At this point, users will not need additional logins or credentials for Cameyo. Windows applications themselves will run under pseudo user profiles provided by Cameyo. These will not include all of the user's legacy user profile data, but new local ones created and maintained by Cameyo. They will be mapped to users according to their Active Directory identity but won't be the same as their Windows profiles. For example John Doe's local Cameyo profile may be uniquely named "jdoe-2334abc4393".