Ok A bit of a status update on this
I have managed to get remote desktop working for Azure AD users. This is on windows 10 desktops, I have had to disable Windows NLA on RDP and resort to using TLS in guacamole. If anyone has any suggestions around NLA going back on that would be great. Working solution for username was Firstname.lastname Domain: shortname (e.g. no .com) From: James Fraser <james.fra...@veritec.com.au> Sent: Tuesday, 6 March 2018 9:49 AM To: user@guacamole.apache.org Subject: RE: Azure AD and Guacamole Hi Nick Thanks for the response I have enabled debug mode but do not think it helps, see below Mar 6 09:45:20 guacdev guacd[8340]: Creating new client for protocol "rdp" Mar 6 09:45:20 guacdev guacd[8340]: Connection ID is "$d4a33680-63aa-414c-806b-768e07e60266" Mar 6 09:45:20 guacdev guacd[8491]: Parameter "console" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "console-audio" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "disable-auth" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Security mode: NLA Mar 6 09:45:20 guacdev guacd[8491]: User resolution is 1896x962 at 96 DPI Mar 6 09:45:20 guacdev guacd[8491]: Parameter "dpi" omitted. Using default value of 96. Mar 6 09:45:20 guacdev guacd[8491]: Using resolution of 1896x962 at 96 DPI Mar 6 09:45:20 guacdev guacd[8491]: Parameter "read-only" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "enable-wallpaper" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "enable-theming" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "enable-font-smoothing" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "enable-full-window-drag" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "enable-desktop-composition" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "enable-menu-animations" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "disable-bitmap-caching" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "disable-offscreen-caching" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "disable-glyph-caching" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "color-depth" omitted. Using default value of 16. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "disable-audio" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "enable-printing" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "enable-drive" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "drive-path" omitted. Using default value of "". Mar 6 09:45:20 guacdev guacd[8491]: Parameter "create-drive-path" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "enable-sftp" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "sftp-hostname" omitted. Using default value of "192.168.0.1". <- omitted real IP Mar 6 09:45:20 guacdev guacd[8491]: Parameter "sftp-port" omitted. Using default value of "22". Mar 6 09:45:20 guacdev guacd[8491]: Parameter "sftp-username" omitted. Using default value of "firstname.lastn...@domain.com<mailto:firstname.lastn...@domain.com>" . <- omitted real username Mar 6 09:45:20 guacdev guacd[8491]: Parameter "sftp-password" omitted. Using default value of "". Mar 6 09:45:20 guacdev guacd[8491]: Parameter "sftp-passphrase" omitted. Using default value of "". Mar 6 09:45:20 guacdev guacd[8491]: Parameter "sftp-root-directory" omitted. Using default value of "/". Mar 6 09:45:20 guacdev guacd[8491]: Parameter "sftp-server-alive-interval" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "recording-name" omitted. Using default value of "recording". Mar 6 09:45:20 guacdev guacd[8491]: Parameter "recording-exclude-output" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "recording-exclude-mouse" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "recording-include-keys" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "create-recording-path" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Resize method: none Mar 6 09:45:20 guacdev guacd[8491]: Parameter "enable-audio-input" omitted. Using default value of 0. Mar 6 09:45:20 guacdev guacd[8491]: Parameter "gateway-port" omitted. Using default value of 443. Mar 6 09:45:20 guacdev guacd[8491]: User "@3e14e730-a4c8-4c1e-8bea-cab550be3c34" joined connection "$d4a33680-63aa-414c-806b-768e07e60266" (1 users now present) Mar 6 09:45:20 guacdev guacd[8491]: Loading keymap "base" Mar 6 09:45:20 guacdev guacd[8491]: Loading keymap "en-us-qwerty" Mar 6 09:45:21 guacdev guacd[8491]: Error connecting to RDP server Mar 6 09:45:21 guacdev guacd[8491]: User "@3e14e730-a4c8-4c1e-8bea-cab550be3c34" disconnected (0 users remain) Mar 6 09:45:21 guacdev guacd[8491]: Last user of connection "$d4a33680-63aa-414c-806b-768e07e60266" disconnected Mar 6 09:45:21 guacdev guacd[8340]: Connection "$d4a33680-63aa-414c-806b-768e07e60266" removed. I have also built the latest guac from GIT to see if any changes in the upcoming version would help but get the same issue. On another note, there is no issue connecting to local users on these machines and is the current work around. Thanks for the help. From: Nick Couchman <vn...@apache.org<mailto:vn...@apache.org>> Sent: Tuesday, 6 March 2018 9:41 AM To: user@guacamole.apache.org<mailto:user@guacamole.apache.org> Subject: Re: Azure AD and Guacamole On Mon, Mar 5, 2018 at 17:19 James Fraser <james.fra...@veritec.com.au<mailto:james.fra...@veritec.com.au>> wrote: Hi Mike Thanks for the quick reply. I do not see anything obvious in the logs Can you put guacd in debug mode (-L debug) and try again and see if the error messages are any more helpful? -Nick
