Hi all, I ran into the exact same issue and found the following RDP weirdness with Guacamole 1.1.0
Connecting to Windows 7 machines posed no issues. Connecting to a Windows 2012R2 posed no issues. Connecting to Windows 10 (1809) posed no issues. However once I upgraded that particular windows 10 machine to 1903, the issue began. I tested both a physical and VM with same results. 1809 worked fine, 1903 gave the error. Have a great day, Andrew On 17 Feb. 2020, 11:12, at 11:12, ivanmarcus <[email protected]> wrote: >Here's an abridged version of what we do for the Win machines: > > >Use secpol, set to not display last username > >Set account lockout threshold, duration and counter > >Allow connections from any version of RD > >Regedit: > [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal >Server\WinStations\RDP-Tcp] >“SecurityLayer”=dword:00000001 > >As we use WOL there's also some power management stuff to set. > > >Guacacmole I've previously described. FYI I don't set the sim >connection, nor do I set authentication detail (users first log into >Guacamole, then need to enter their Win user/pass). > >This works fine, however I did have a similar issue to what you >describe >with another client (Remmina worked, Win RDP client worked fine, but >Guacamole wouldn't) and although I no longer recollect the error number > >in the end it turned out to be some specific security policy they'd >implemented on the Winboxen. > >As I wasn't too involved in that side of it I can't be any more >specific >but the above may be enough for you to get it operational anyway? > > > >On 17/02/2020 5:15 a.m., Brett Ferrell wrote: >> Yea, I've tried with and without NLA enabled on the target, and have >> turned on ignore cert in gauc. Remmina seems only to have 32bit >> color, negotiate security, and sound off, and it connects fine. I'm >> sure I'm doing something wrong, but just in case someone sees it when > >> I don't. I really do appreciate the input. >> >> * MacOS RDP connects fine >> * Remmina on GuacVM connects fine >> >> >> * NLA is disabled on Win10 target >> * Guac-have checked IP and port (actual doesn't seem to care if >port >> is blank) >> * Guac-have checked to 'ignore cert' (it does seem to need this) >> * Guac-have set to 32b color (doesn't seem to care about this) >> * Guac-have checked pass/user (it clearly breaks with a bad pass) >> * Guac-have selected RDP protocol/location root >> * Guac-have set simultaneous connections to 10/10 >> * Guac-security method, have tried blank/any/and NLA (when NLA was >> turned on on Win10) >> * Guac-everything else is blank >> * Guac-log seems to connect briefly before the error 14 in guacd >> * Guac-SSH protocol connects fine >> >> >> Any RDP connection ends with ERROR 14. I think I'll try spinning up >a >> Ubuntu 16 VM to see if it acts different. Very odd and annoying. >> >> >> -- >> Brett Ferrell >> [email protected] <mailto:[email protected]> >> >> >> >> >> On Sun, Feb 16, 2020, at 3:51 AM, ivanmarcus wrote: >>> >>> Ok, sorry, I've never had that error and not knowing what had >>> transpired during the script install thought it may have been >>> something to do with that... >>> >>> However, given you've utilised the steps I posted, and I know for >>> sure that works for Win10, you may simply find it's a matter of >>> setting the correct parameters in Guacamole and/or the Win10 box. >>> >>> Other than the requisite IP address and port etc my Guacamole is set > >>> only to "ignore server certificate" (and one or two other things >>> regarding font smooting and colour depth). Try setting that if you >>> haven't already. >>> >>> Unfortunately the notes I have for my Win7/10 clients aren't to hand > >>> at present, so I can't be sure if there's anything else we do, but >if >>> that doesn't work you could try disabling NLA on the Win10 box to >see >>> if that sorts it out. >>> >>> >>> On 16/02/2020 5:38 p.m., Brett Ferrell wrote: >>>> Ivan, >>>> >>>> Thanks, I just spun a fresh VM and ran through your steps (starting > >>>> with the 1:18 am posting), and everything seemed to go OK, but I >>>> still get the ERROR 14 connecting to my Win10 VMs. >>>> >>>> So, probably my other setup is/was working OK, and there's >something >>>> odd in my (Win10) configuration, but I can't think of what it might > >>>> be. As I say, I can RDP with the MS Mac client and Remmina (which >>>> is totally vanilla) from the guac VM, so I know the client can >work, >>>> and both of my Guac vms are throwing this error. I'm sure that >>>> should be telling me something, but I have no idea what it is. >>>> >>>> >>>>> Feb 16 04:21:34 guacdev guacd[31201]: Creating new client for >>>>> protocol "rdp" >>>>> Feb 16 04:21:34 guacdev guacd[31201]: Connection ID is >>>>> "$ed6a7ee8-e082-4dfb-be73 >>>>> -9cdd920d080f" >>>>> Feb 16 04:21:34 guacdev guacd[32066]: No security mode specified. >>>>> Defaulting to >>>>> security mode negotiation with server. >>>>> Feb 16 04:21:34 guacdev guacd[32066]: Resize method: none >>>>> Feb 16 04:21:34 guacdev guacd[32066]: User >>>>> "@7866772d-d299-4583-b95f-b87d1682598 >>>>> 4" joined connection "$ed6a7ee8-e082-4dfb-be73-9cdd920d080f" (1 >>>>> users now presen >>>>> t) >>>>> Feb 16 04:21:34 guacdev guacd[32066]: Loading keymap "base" >>>>> Feb 16 04:21:34 guacdev guacd[32066]: Loading keymap >"en-us-qwerty" >>>>> Feb 16 04:21:35 guacdev guacd[32066]: Connected to RDPDR 1.13 as >>>>> client 0x0002 >>>>> Feb 16 04:21:35 guacdev kernel: [ 4967.241677] guacd[32072]: >>>>> segfault at 0 ip 00 >>>>> 00000000000000 sp 00007f925133db18 *_error 14 in >>>>> guacd_*[5576d4bbf000+7000] >>>>> Feb 16 04:21:35 guacdev guacd[31201]: Connection >>>>> "$ed6a7ee8-e082-4dfb-be73-9cdd9 >>>>> 20d080f" removed. >>>>> >>>>> bferrell@clone:/var/log$ lsb_release -a >>>>> No LSB modules are available. >>>>> Distributor ID: Ubuntu >>>>> Description: *Ubuntu 18.04.4 LTS* >>>>> Release: 18.04 >>>>> Codename: bionic >>>>> >>>> >>>> -- >>>> Brett Ferrell >>>> [email protected] <mailto:[email protected]> >>>> >>>> >>>> >>>> >>>> On Fri, Feb 14, 2020, at 7:06 PM, ivanmarcus wrote: >>>>> >>>>> I'm not familiar with the error, and I don't know what the most >>>>> recent form of that script does in terms of installed packages, >but >>>>> it may be worth checking the version of FreeRDP you have installed > >>>>> is compatible with whatever version of Guacamole you are running? >>>>> >>>>> Guacamole 1.1.0 uses FreeRDP 2, earlier versions require FreerRDP >1. >>>>> >>>>> Also, if you'd like to check out this thread you'll see a cople of > >>>>> posts I made that show the steps required to install Guacamole >>>>> 1.1.0 to a fresh Ubuntu server 18.04.2 VM: >>>>> >>>>> >http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ANNOUNCE-Apache-Guacamole-1-1-0-td7127.html >>>>> >>>>> I ran through that install process several times so I'm reasonably > >>>>> happy it should work 'out of the box' for RDP sessions if you >>>>> followed the steps laid down. >>>>> >>>>> >>>>> >>>>> On 15/02/2020 10:16 a.m., bferrell wrote: >>>>>> I used Mystic's install script >>>>>> <https://github.com/MysticRyuujin/guac-install> >>>>>> <https://github.com/MysticRyuujin/guac-install> to get >Guacamole running >>>>>> in a new Ubuntu 18.04 VM, and it connects to my Linux VNC clients >fine, but >>>>>> when I try to RDP it drops to black, tries to connect, and then >fails with a >>>>>> "you have been disconnected message". When I look at my syslog I >see this. >>>>>> >>>>>> >>>>>> Feb 14 21:03:29 guacamole guacd[1503]: Creating new client for >protocol >>>>>> "rdp" >>>>>> Feb 14 21:03:29 guacamole guacd[1503]: Connection ID is "$xyz" >>>>>> Feb 14 21:03:30 guacamole guacd[29738]: No security mode >specified. >>>>>> Defaulting to security mode negotiation with server. >>>>>> Feb 14 21:03:30 guacamole guacd[29738]: Resize method: none >>>>>> Feb 14 21:03:30 guacamole guacd[29738]: User "@abc" joined >connection "$xyz" >>>>>> (1 users now present) >>>>>> Feb 14 21:03:30 guacamole guacd[29738]: Loading keymap "base" >>>>>> Feb 14 21:03:30 guacamole guacd[29738]: Loading keymap >"en-us-qwerty" >>>>>> Feb 14 21:03:30 guacamole guacd[29738]: Connected to RDPDR 1.13 >as client >>>>>> 0x0004 >>>>>> Feb 14 21:03:31 guacamole *kernel: [70397.118595] guacd[29744]: >segfault at >>>>>> 0 ip 0000000000000000 sp 00007f388b7dcb18 error 14 in >>>>>> guacd*[55899f077000+7000] >>>>>> Feb 14 21:03:31 guacamole guacd[1503]: Connection "$xyz" removed. >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Sent >from:http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ >>>>>> >>>>>> >--------------------------------------------------------------------- >>>>>> To unsubscribe, e-mail:[email protected] >>>>>> <mailto:[email protected]> >>>>>> For additional commands, e-mail:[email protected] ><mailto:[email protected]> >>>>>> >>>>>> >>>>>> >>>> >>
