Hello Mike: I found this article, but it didn't help:
https://mangolassi.it/topic/17846/make-windows-10-server-2016-rdp-work-with-guacamole In the article, the author says that Guacamole doesnt work with Windows 10 or Server 2016 RDP naturally, so they edit the registry: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp] Change "SecurityLayer" to 1 and "UserAuthentication" to 0. Lance From: Lance Gropper <[email protected]> Sent: Tuesday, April 30, 2019 3:22 PM To: [email protected] Subject: RE: RDP [ CAUTION ] This email originated outside Deluxe. Hello Mike: Note there also was a message previously regarding cliprdr - I did a search for that online, and found a bug report that you created indicating openrdp and/or lib openrdp were not installed. I installed them on my system, but it just made the cliprdr message go away. Lance From: Lance Gropper <[email protected]> Sent: Tuesday, April 30, 2019 3:20 PM To: [email protected] Subject: RE: RDP [ CAUTION ] This email originated outside Deluxe. Hello Mike: So I created a local user called guacamole-post on the Windows system. I set the password to Pa$$word1234. In remote settings >Remote Desktop, I have allow remote connections to this computer checked. I have NLA unchecked. Under select users, I have the user guacamole-post added. In Guacamole, I have a connection for the machine. The only settings which are not blank: Protocol: RDP, Hostname: 10.17.102.93, Port:3389, Authentication: guacamole-post, Password: Pa$$word1234. Security mode: TLS encryption, Ignore Server Certificate: {checked}, keyboard layout: US English (Querty), Color depth: Low color (16-bit). When I try to connect: Apr 30 15:16:42 guacamole-post guacd[5643]: Creating new client for protocol "rdp" Apr 30 15:16:42 guacamole-post guacd[5643]: Connection ID is "$b189f7ec-0b35-461b-8588-b129fdfea776" Apr 30 15:16:42 guacamole-post guacd[6191]: Security mode: TLS Apr 30 15:16:42 guacamole-post guacd[6191]: Resize method: none Apr 30 15:16:42 guacamole-post guacd[6191]: User "@e68f5e91-0278-4246-a656-076df57de952" joined connection "$b189f7ec-0b35-461b-8588-b129fdfea776" (1 users now present) Apr 30 15:16:42 guacamole-post server: 15:16:42.736 [http-bio-8080-exec-3] INFO o.a.g.tunnel.TunnelRequestService - User "guacadmin" connected to connection "3". Apr 30 15:16:42 guacamole-post guacd[6191]: Loading keymap "base" Apr 30 15:16:42 guacamole-post guacd[6191]: Loading keymap "en-us-qwerty" Apr 30 15:16:43 guacamole-post guacd[6191]: guacdr connected. Apr 30 15:16:43 guacamole-post guacd[6191]: guacsnd connected. Apr 30 15:16:43 guacamole-post guacd[6191]: Connected to RDPDR 1.13 as client 0x0004 Apr 30 15:16:43 guacamole-post kernel: guacd[6201]: segfault at 0 ip 00007fbde431b901 sp 00007fbdd75f1c08 error 4 in libc-2.17.so[7fbde41ad000+1c2000] Apr 30 15:16:43 guacamole-post guacd[5643]: Connection "$b189f7ec-0b35-461b-8588-b129fdfea776" removed. Apr 30 15:16:43 guacamole-post server: 15:16:43.470 [Thread-17] INFO o.a.g.tunnel.TunnelRequestService - User "guacadmin" disconnected from connection "3". Duration: 733 milliseconds I've also tried creating a user called guacamole-post, and giving it access to that connection - I get the same exact message, except the last line reads: Apr 30 15:12:20 guacamole-post server: 15:12:20.763 [Thread-11] INFO o.a.g.tunnel.TunnelRequestService - User "guacamole-post" disconnected from connection "3". Duration: 779 milliseconds Lance From: Lance Gropper <[email protected]> Sent: Tuesday, April 30, 2019 2:59 PM To: [email protected] Subject: RE: RDP [ CAUTION ] This email originated outside Deluxe. Hello Mike: With NLA disabled, Windows still isn't prompting... Lance From: Mike Jumper <[email protected]> Sent: Tuesday, April 30, 2019 2:53 PM To: [email protected] Subject: Re: RDP [ CAUTION ] This email originated outside Deluxe. On Tue, Apr 30, 2019, 14:48 Lance Gropper <[email protected]<mailto:[email protected]>> wrote: Hello Mike: So my boss, who is familiar with Guacamole looked at it - he said if you leave the username and password fields blank, it is supposed to prompt you when you try to connect No, your boss is incorrect. Guacamole does not prompt for credentials with the exception of its own authentication. *Windows* will prompt for credentials, but only if it is not configured to require NLA. Windows will not prompt if NLA is in use. You need to pre-configure the connection credentials or pass them through. Also in Guac, VNC also isn't asking for a password if you leave the field blank. Guac will not do this. You need to pre-configure the connection credentials or pass them through. - Mike [ CAUTION ] DO NOT open attachments or click links from unknown senders. Only respond if you can validate the senders legitimacy. This e-mail and any attachments are intended only for use by the addressee(s) named herein and may contain confidential information. If you are not the intended recipient of this e-mail, you are hereby notified any dissemination, distribution or copying of this email and any attachments is strictly prohibited. If you receive this email in error, please immediately notify the sender by return email and permanently delete the original, any copy and any printout thereof. The integrity and security of e-mail cannot be guaranteed. [ CAUTION ] DO NOT open attachments or click links from unknown senders. Only respond if you can validate the senders legitimacy. This e-mail and any attachments are intended only for use by the addressee(s) named herein and may contain confidential information. If you are not the intended recipient of this e-mail, you are hereby notified any dissemination, distribution or copying of this email and any attachments is strictly prohibited. If you receive this email in error, please immediately notify the sender by return email and permanently delete the original, any copy and any printout thereof. The integrity and security of e-mail cannot be guaranteed. [ CAUTION ] DO NOT open attachments or click links from unknown senders. Only respond if you can validate the senders legitimacy. This e-mail and any attachments are intended only for use by the addressee(s) named herein and may contain confidential information. If you are not the intended recipient of this e-mail, you are hereby notified any dissemination, distribution or copying of this email and any attachments is strictly prohibited. If you receive this email in error, please immediately notify the sender by return email and permanently delete the original, any copy and any printout thereof. The integrity and security of e-mail cannot be guaranteed. [ CAUTION ] DO NOT open attachments or click links from unknown senders. Only respond if you can validate the senders legitimacy. This e-mail and any attachments are intended only for use by the addressee(s) named herein and may contain confidential information. If you are not the intended recipient of this e-mail, you are hereby notified any dissemination, distribution or copying of this email and any attachments is strictly prohibited. If you receive this email in error, please immediately notify the sender by return email and permanently delete the original, any copy and any printout thereof. The integrity and security of e-mail cannot be guaranteed.
