Hi Nick and Peter

Thanks for the reply.

I have tried username@domain and 
usern...@domain.com<mailto:usern...@domain.com> and still do not have any luck 
with NLA enabled.
All the servers are using NLA and all on prem domain joined machines are using 
NLA.

I have set NLA + Ignore certificate and still no luck.

I will continue to play around and see if I can find a working solution, I 
understand it is an oddball case for you guys.


Cheers

From: Nick Couchman <vn...@apache.org>
Sent: Wednesday, 7 March 2018 1:06 AM
To: user@guacamole.apache.org
Subject: Re: Azure AD and Guacamole

On Mon, Mar 5, 2018 at 11:40 PM, James Fraser 
<james.fra...@veritec.com.au<mailto:james.fra...@veritec.com.au>> wrote:
Ok

A bit of a status update on this

I have managed to get remote desktop working for Azure AD users.

This is on windows 10 desktops, I have had to disable Windows NLA on RDP and 
resort to using TLS in guacamole.


Yeah, the fact that you don't get any sort of error except RDP server could not 
reached is very much either a network issue or a NLA issue.  As far as NLA 
goes, have you tried making sure it is enabled in Guacamole (set to NLA) and 
then check the box marked "Ignore Server Certificates" to see if that works?  I 
suspect that you're correct, that there is something about the format of the 
credentials with NLA that it isn't liking and is refusing the connection, but 
best to eliminate certificate issues, as well.

For the credentials, as Peter suggests, you might try leaving the domain blank 
and use various forms of <username>@<domain> or <username>@<domain.tld> and see 
if something works for that.  We use NLA where I work, and I just have to make 
sure all of the credentials are filled out, but we're mostly doing on-premise 
stuff and not Azure.

-Nick

Reply via email to