[
https://issues.apache.org/jira/browse/GUACAMOLE-221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17181638#comment-17181638
]
Mike Jumper commented on GUACAMOLE-221:
---------------------------------------
{quote}
On our guacamole server, the administrator manages the connection settings, so
it is not possible to enter the user's authentication information in the
connection settings (the administrator cannot know the user's password).
{quote}
The administrator does not need to know the password for the remote desktop
account if you are using username/password pass-through.
{quote}
On recent Windows, NLA is enabled by default and disabling it is a security
issue.
{quote}
You do not need to disable NLA. The easiest way to use Guacamole alongside
Windows and NLA is to leverage Active Directory for Windows authentication and
integrate Guacamole with the same Active Directory using LDAP. Users can then
log in to Guacamole using their normal usernames and passwords, and those same
credentials can be automatically passed through to RDP connections.
{quote}
The option of providing credentials to guacamole when connecting is a very
important feature.
{quote}
Yes. This is why it's being worked on.
> Parameter prompting within client interface
> -------------------------------------------
>
> Key: GUACAMOLE-221
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-221
> Project: Guacamole
> Issue Type: New Feature
> Components: guacamole
> Reporter: Mike Jumper
> Assignee: Nick Couchman
> Priority: Major
> Fix For: 1.3.0
>
>
> {panel:bgColor=#FFFFEE}
> *The description of this issue was copied from
> [GUAC-335|https://glyptodon.org/jira/browse/GUAC-335], an issue in the JIRA
> instance used by the Guacamole project prior to its acceptance into the
> Apache Incubator.*
> Comments, attachments, related issues, and history from prior to acceptance
> *have not been copied* and can be found instead at the original issue.
> {panel}
> Some parameters, such as the username/password for VNC or RDP, are better
> entered manually within the client when connecting rather than stored on the
> server in MySQL or {{user-mapping.xml}}.
> Storing secure data within parameters on the server side has security
> implications that don't fit well with all use cases.
> Further, some connections would benefit if their settings can be modified
> locally before connecting. A user could change the color depth or screen size
> of their RDP session, for example, for the sake of a slower connection.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
