Re: Failed connections RDP
On Tue, Feb 20, 2024 at 12:53 PM Andrea Miconi wrote: > I understand what the problem is, quite stupid indeed. > If Windows is configured with a Microsoft profile, the email and password > of that profile must be used. > That user has/had his own local name with a password, but now the > Microsoft profile prevails. > > I then discovered that if the user is local, but has no password (I have > test VMs with simple credentials, no password) Guacamole refuses to > authenticate him. > Then I also discovered that it is not enough to enable remote desktop on > Windows, but also to authorize users to receive the connection. > Using RDP is not exactly a walk in the park. > > Glad you figured it out - thank you for posting the solution back to the list. > > I take this opportunity to ask how do I close a connection from the > browser? > If I go back with the left arrow, I go back to Home and then I have the > session open on the bottom right. > Is there no way to close it right away? > > There are a handful of ways to close the connection: * Use the hidden Guacamole menu with the key combo Ctrl-Alt-Shift, and then use the "Disconnect" option from the drop-down menu. * Disconnect from the remote system. * If you use the back arrow and you get the session in the bottom-right, you should also see a red "X" in the corner you can use to close it. * Close the tab that contains the session. -Nick >
Re: Failed connections RDP
I understand what the problem is, quite stupid indeed.If Windows is configured with a Microsoft profile, the email and password of that profile must be used.That user has/had his own local name with a password, but now the Microsoft profile prevails. I then discovered that if the user is local, but has no password (I have test VMs with simple credentials, no password) Guacamole refuses to authenticate him.Then I also discovered that it is not enough to enable remote desktop on Windows, but also to authorize users to receive the connection.Using RDP is not exactly a walk in the park. I take this opportunity to ask how do I close a connection from the browser?If I go back with the left arrow, I go back to Home and then I have the session open on the bottom right.Is there no way to close it right away? Il martedì 20 febbraio 2024 alle ore 17:05:39 CET, Nick Couchman ha scritto: On Tue, Feb 20, 2024 at 10:39 AM Andrea Miconi wrote: I redid the entire installation, from scratch.I replaced Debian 12 with Ubuntu server 22.04.3.I also installed MySQL.I used the only user created at installation and using "sudo", so the rights are correct. So, now I have the installation complete and I'm configuring Guacamole from the GUI. Nonetheless, the situation is the same: a setup with SSH and VNC works straight away.With RDP, no! I'll go back to the last question I asked:* What account is guacd running under?* Does that account have a writable home directory? The FreeRDP libraries, when you connect to a server, *even when you tell it to ignore the certificate*, store a copy of the certificate fingerprint in a "known hosts" file, very similar to SSH. If the FreeRDP libraries are unable to write this file, because the Linux user account lacks write access to its own home directory, the connection *will fail.* I've run into this when running guacd under the "daemon" user account on EL-based platforms, as the "daemon" account generally has a home directory of /sbin, and generally cannot write to that directory. Make sure the account running guacd has a valid home directory, and write access to that directory. There may be other issues that need to be addressed, but this is one of the ones to verify. -Nick
Re: Failed connections RDP
On Tue, Feb 20, 2024 at 10:39 AM Andrea Miconi wrote: > I redid the entire installation, from scratch. > I replaced Debian 12 with Ubuntu server 22.04.3. > I also installed MySQL. > I used the only user created at installation and using "sudo", so the > rights are correct. > > So, now I have the installation complete and I'm configuring Guacamole > from the GUI. > > Nonetheless, the situation is the same: a setup with SSH and VNC works > straight away. > With RDP, no! > > I'll go back to the last question I asked: * What account is guacd running under? * Does that account have a writable home directory? The FreeRDP libraries, when you connect to a server, *even when you tell it to ignore the certificate*, store a copy of the certificate fingerprint in a "known hosts" file, very similar to SSH. If the FreeRDP libraries are unable to write this file, because the Linux user account lacks write access to its own home directory, the connection *will fail.* I've run into this when running guacd under the "daemon" user account on EL-based platforms, as the "daemon" account generally has a home directory of /sbin, and generally cannot write to that directory. Make sure the account running guacd has a valid home directory, and write access to that directory. There may be other issues that need to be addressed, but this is one of the ones to verify. -Nick >
Re: Failed connections RDP
I redid the entire installation, from scratch.I replaced Debian 12 with Ubuntu server 22.04.3.I also installed MySQL.I used the only user created at installation and using "sudo", so the rights are correct. So, now I have the installation complete and I'm configuring Guacamole from the GUI. Nonetheless, the situation is the same: a setup with SSH and VNC works straight away.With RDP, no! Il lunedì 19 febbraio 2024 alle ore 12:44:59 CET, Nick Couchman ha scritto: On Mon, Feb 19, 2024 at 4:18 AM Andrea Miconi wrote: I tried enabling remote desktop on a VM Win11 Pro and a VM Win7 Pro.Same result, logs me out immediately. What Linux account is guacd running under? Does that account have a writable home directory? -Nick
Re: Failed connections RDP
On Mon, Feb 19, 2024 at 4:18 AM Andrea Miconi wrote: > I tried enabling remote desktop on a VM Win11 Pro and a VM Win7 Pro. > Same result, logs me out immediately. > > What Linux account is guacd running under? Does that account have a writable home directory? -Nick
Re: Failed connections RDP
I tried enabling remote desktop on a VM Win11 Pro and a VM Win7 Pro.Same result, logs me out immediately. Il lunedì 19 febbraio 2024 alle ore 09:19:55 CET, Horváth Csaba ha scritto: Hi, Strange. My setup is failing with Gnome Debian remote machines, but works with Windows RDP VM's flawlessly. This was the only thing which i needed to add to the config. Cs. Andrea Miconi ezt írta (időpont: 2024. febr. 19., H, 8:52): > > In the meantime I had also seen that that parameter was missing, but it still > doesn't work. > > > > rdp > 192.168.101.98 > 3389 > > nla > true > > > > > Il lunedì 19 febbraio 2024 alle ore 08:26:13 CET, Horváth Csaba > ha scritto: > > > Hi, > > So your issue is not the same as mine. > > Try to add this to the user-mapping.xml to the appropriate connection > settings : > nla > true > > NLA is the Network Level Authentication security mode, used by modern > Windows versions and Gnome-Remote-Desktop. > > Cs. > > Andrea Miconi ezt írta (időpont: > 2024. febr. 19., H, 7:53): > > > > Thanks for the reply. > > Guacamole is on a PC with a Debian 12 server installed. > > My PC is Win11 Pro. > > The "remote" PC (on my same table and connected to my same switch) is a > > Win10 Pro. > > Both PCs are updated with the latest WinUpdate. > > > > I have also a laptop with Xubuntu 22:04, but I haven't tested whether it > > works with that yet. > > > > I don't know anything about NLA Security, I don't know it. > > The two Windows PCs have the "Remote Desktop" feature enabled in the > > Windows settings. > > Win11 PC connects to Win10 using RDP without going through Guacamole. > > > > > > > > Il domenica 18 febbraio 2024 alle ore 20:36:27 CET, Horváth Csaba > > ha scritto: > > > > > > Hi, > > > > This may be the same what i found. > > > > What do you use on your PC? Gnome-based DE? > > > > What do you get if you specify NLA security? > > > > BR, > > > > Cs. > > > > Andrea Miconi ezt írta (időpont: > > 2024. febr. 18., V, 19:12): > > > > > > > > I'm trying to connect to PCs using guacadmin, but only with VNC and SSH I > > > work. > > > With RDP the message "You have been disconnected" immediately appears. > > > > > > Reading online it seems that the problem is with the reverse proxy; in > > > this I forward only port 8080. > > > Furthermore, the firewall has no rules, only an "All Open" rule. > > > Finally, the problem exists both with the connection from the Internet > > > (and in this case the proxy comes into play), but also from the LAN where > > > I call Guacamole directly with its IP address. > > > > > > From my PC I can connect using Windows Remote Desktop, so the problem is > > > with Guacamole. > > > > > > Here are the parameters in XML. > > > The guacamole IP address is 192.168.101.17 > > > My PC IP address is 192.168.101.33 > > > > > > > > > > > > rdp > > > 192.168.101.98 > > > 3389 > > > > > > > > > > > > > > > - > > To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org > > For additional commands, e-mail: user-h...@guacamole.apache.org > > > > > > > - > To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org > For additional commands, e-mail: user-h...@guacamole.apache.org > - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: Failed connections RDP
Hi, Strange. My setup is failing with Gnome Debian remote machines, but works with Windows RDP VM's flawlessly. This was the only thing which i needed to add to the config. Cs. Andrea Miconi ezt írta (időpont: 2024. febr. 19., H, 8:52): > > In the meantime I had also seen that that parameter was missing, but it still > doesn't work. > > > > rdp > 192.168.101.98 > 3389 > > nla > true > > > > > Il lunedì 19 febbraio 2024 alle ore 08:26:13 CET, Horváth Csaba > ha scritto: > > > Hi, > > So your issue is not the same as mine. > > Try to add this to the user-mapping.xml to the appropriate connection > settings : > nla > true > > NLA is the Network Level Authentication security mode, used by modern > Windows versions and Gnome-Remote-Desktop. > > Cs. > > Andrea Miconi ezt írta (időpont: > 2024. febr. 19., H, 7:53): > > > > Thanks for the reply. > > Guacamole is on a PC with a Debian 12 server installed. > > My PC is Win11 Pro. > > The "remote" PC (on my same table and connected to my same switch) is a > > Win10 Pro. > > Both PCs are updated with the latest WinUpdate. > > > > I have also a laptop with Xubuntu 22:04, but I haven't tested whether it > > works with that yet. > > > > I don't know anything about NLA Security, I don't know it. > > The two Windows PCs have the "Remote Desktop" feature enabled in the > > Windows settings. > > Win11 PC connects to Win10 using RDP without going through Guacamole. > > > > > > > > Il domenica 18 febbraio 2024 alle ore 20:36:27 CET, Horváth Csaba > > ha scritto: > > > > > > Hi, > > > > This may be the same what i found. > > > > What do you use on your PC? Gnome-based DE? > > > > What do you get if you specify NLA security? > > > > BR, > > > > Cs. > > > > Andrea Miconi ezt írta (időpont: > > 2024. febr. 18., V, 19:12): > > > > > > > > I'm trying to connect to PCs using guacadmin, but only with VNC and SSH I > > > work. > > > With RDP the message "You have been disconnected" immediately appears. > > > > > > Reading online it seems that the problem is with the reverse proxy; in > > > this I forward only port 8080. > > > Furthermore, the firewall has no rules, only an "All Open" rule. > > > Finally, the problem exists both with the connection from the Internet > > > (and in this case the proxy comes into play), but also from the LAN where > > > I call Guacamole directly with its IP address. > > > > > > From my PC I can connect using Windows Remote Desktop, so the problem is > > > with Guacamole. > > > > > > Here are the parameters in XML. > > > The guacamole IP address is 192.168.101.17 > > > My PC IP address is 192.168.101.33 > > > > > > > > > > > >rdp > > >192.168.101.98 > > >3389 > > > > > > > > > > > > > > > - > > To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org > > For additional commands, e-mail: user-h...@guacamole.apache.org > > > > > > > - > To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org > For additional commands, e-mail: user-h...@guacamole.apache.org > - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: Failed connections RDP
In the meantime I had also seen that that parameter was missing, but it still doesn't work. rdp 192.168.101.98 3389 nla true Il lunedì 19 febbraio 2024 alle ore 08:26:13 CET, Horváth Csaba ha scritto: Hi, So your issue is not the same as mine. Try to add this to the user-mapping.xml to the appropriate connection settings : nla true NLA is the Network Level Authentication security mode, used by modern Windows versions and Gnome-Remote-Desktop. Cs. Andrea Miconi ezt írta (időpont: 2024. febr. 19., H, 7:53): > > Thanks for the reply. > Guacamole is on a PC with a Debian 12 server installed. > My PC is Win11 Pro. > The "remote" PC (on my same table and connected to my same switch) is a Win10 > Pro. > Both PCs are updated with the latest WinUpdate. > > I have also a laptop with Xubuntu 22:04, but I haven't tested whether it > works with that yet. > > I don't know anything about NLA Security, I don't know it. > The two Windows PCs have the "Remote Desktop" feature enabled in the Windows > settings. > Win11 PC connects to Win10 using RDP without going through Guacamole. > > > > Il domenica 18 febbraio 2024 alle ore 20:36:27 CET, Horváth Csaba > ha scritto: > > > Hi, > > This may be the same what i found. > > What do you use on your PC? Gnome-based DE? > > What do you get if you specify NLA security? > > BR, > > Cs. > > Andrea Miconi ezt írta (időpont: > 2024. febr. 18., V, 19:12): > > > > > I'm trying to connect to PCs using guacadmin, but only with VNC and SSH I > > work. > > With RDP the message "You have been disconnected" immediately appears. > > > > Reading online it seems that the problem is with the reverse proxy; in this > > I forward only port 8080. > > Furthermore, the firewall has no rules, only an "All Open" rule. > > Finally, the problem exists both with the connection from the Internet (and > > in this case the proxy comes into play), but also from the LAN where I call > > Guacamole directly with its IP address. > > > > From my PC I can connect using Windows Remote Desktop, so the problem is > > with Guacamole. > > > > Here are the parameters in XML. > > The guacamole IP address is 192.168.101.17 > > My PC IP address is 192.168.101.33 > > > > > > > > rdp > > 192.168.101.98 > > 3389 > > > > > > > > > - > To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org > For additional commands, e-mail: user-h...@guacamole.apache.org > > - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: Failed connections RDP
Hi, So your issue is not the same as mine. Try to add this to the user-mapping.xml to the appropriate connection settings : nla true NLA is the Network Level Authentication security mode, used by modern Windows versions and Gnome-Remote-Desktop. Cs. Andrea Miconi ezt írta (időpont: 2024. febr. 19., H, 7:53): > > Thanks for the reply. > Guacamole is on a PC with a Debian 12 server installed. > My PC is Win11 Pro. > The "remote" PC (on my same table and connected to my same switch) is a Win10 > Pro. > Both PCs are updated with the latest WinUpdate. > > I have also a laptop with Xubuntu 22:04, but I haven't tested whether it > works with that yet. > > I don't know anything about NLA Security, I don't know it. > The two Windows PCs have the "Remote Desktop" feature enabled in the Windows > settings. > Win11 PC connects to Win10 using RDP without going through Guacamole. > > > > Il domenica 18 febbraio 2024 alle ore 20:36:27 CET, Horváth Csaba > ha scritto: > > > Hi, > > This may be the same what i found. > > What do you use on your PC? Gnome-based DE? > > What do you get if you specify NLA security? > > BR, > > Cs. > > Andrea Miconi ezt írta (időpont: > 2024. febr. 18., V, 19:12): > > > > > I'm trying to connect to PCs using guacadmin, but only with VNC and SSH I > > work. > > With RDP the message "You have been disconnected" immediately appears. > > > > Reading online it seems that the problem is with the reverse proxy; in this > > I forward only port 8080. > > Furthermore, the firewall has no rules, only an "All Open" rule. > > Finally, the problem exists both with the connection from the Internet (and > > in this case the proxy comes into play), but also from the LAN where I call > > Guacamole directly with its IP address. > > > > From my PC I can connect using Windows Remote Desktop, so the problem is > > with Guacamole. > > > > Here are the parameters in XML. > > The guacamole IP address is 192.168.101.17 > > My PC IP address is 192.168.101.33 > > > > > > > >rdp > >192.168.101.98 > >3389 > > > > > > > > > - > To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org > For additional commands, e-mail: user-h...@guacamole.apache.org > > - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: Failed connections RDP
Thanks for the reply.Guacamole is on a PC with a Debian 12 server installed.My PC is Win11 Pro.The "remote" PC (on my same table and connected to my same switch) is a Win10 Pro.Both PCs are updated with the latest WinUpdate. I have also a laptop with Xubuntu 22:04, but I haven't tested whether it works with that yet. I don't know anything about NLA Security, I don't know it.The two Windows PCs have the "Remote Desktop" feature enabled in the Windows settings.Win11 PC connects to Win10 using RDP without going through Guacamole. Il domenica 18 febbraio 2024 alle ore 20:36:27 CET, Horváth Csaba ha scritto: Hi, This may be the same what i found. What do you use on your PC? Gnome-based DE? What do you get if you specify NLA security? BR, Cs. Andrea Miconi ezt írta (időpont: 2024. febr. 18., V, 19:12): > > I'm trying to connect to PCs using guacadmin, but only with VNC and SSH I > work. > With RDP the message "You have been disconnected" immediately appears. > > Reading online it seems that the problem is with the reverse proxy; in this I > forward only port 8080. > Furthermore, the firewall has no rules, only an "All Open" rule. > Finally, the problem exists both with the connection from the Internet (and > in this case the proxy comes into play), but also from the LAN where I call > Guacamole directly with its IP address. > > From my PC I can connect using Windows Remote Desktop, so the problem is with > Guacamole. > > Here are the parameters in XML. > The guacamole IP address is 192.168.101.17 > My PC IP address is 192.168.101.33 > > > > rdp > 192.168.101.98 > 3389 > > > - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: Failed connections RDP
Hi, This may be the same what i found. What do you use on your PC? Gnome-based DE? What do you get if you specify NLA security? BR, Cs. Andrea Miconi ezt írta (időpont: 2024. febr. 18., V, 19:12): > > I'm trying to connect to PCs using guacadmin, but only with VNC and SSH I > work. > With RDP the message "You have been disconnected" immediately appears. > > Reading online it seems that the problem is with the reverse proxy; in this I > forward only port 8080. > Furthermore, the firewall has no rules, only an "All Open" rule. > Finally, the problem exists both with the connection from the Internet (and > in this case the proxy comes into play), but also from the LAN where I call > Guacamole directly with its IP address. > > From my PC I can connect using Windows Remote Desktop, so the problem is with > Guacamole. > > Here are the parameters in XML. > The guacamole IP address is 192.168.101.17 > My PC IP address is 192.168.101.33 > > > > rdp > 192.168.101.98 > 3389 > > > - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Failed connections RDP
I'm trying to connect to PCs using guacadmin, but only with VNC and SSH I work.With RDP the message "You have been disconnected" immediately appears. Reading online it seems that the problem is with the reverse proxy; in this I forward only port 8080. Furthermore, the firewall has no rules, only an "All Open" rule. Finally, the problem exists both with the connection from the Internet (and in this case the proxy comes into play), but also from the LAN where I call Guacamole directly with its IP address. >From my PC I can connect using Windows Remote Desktop, so the problem is with >Guacamole. Here are the parameters in XML. The guacamole IP address is 192.168.101.17My PC IP address is 192.168.101.33 rdp 192.168.101.98 3389