Thanks Eli for help, but at my end it doesn't work. I completely emptied the "Authentication" connection settings pane except for the checkbox "Ignore server certificate", and put "ANY" in the security mode, without success.
Here is the guacd log: May 10 11:12:42 guacd[7]: INFO:#011Creating new client for protocol "rdp" May 10 11:12:42 guacd[7]: INFO:#011Connection ID is "$61edb43f-0fb3-46ab-9a02-ec04b3892929" May 10 11:12:42 guacd[12488]: INFO:#011Security mode: Negotiate (ANY) May 10 11:12:42 guacd[12488]: INFO:#011Resize method: none May 10 11:12:42 guacd[12488]: INFO:#011No clipboard line-ending normalization specified. Defaulting to preserving the format of all line endings. May 10 11:12:42 guacd[12488]: INFO:#011User "@b0967c60-e755-4c99-aedc-8753f3a4da7c" joined connection "$61edb43f-0fb3-46ab-9a02-ec04b3892929" (1 users now present) May 10 11:12:42 guacd[12488]: INFO:#011Recording of session will be saved to "/record/20220510-091242". May 10 11:12:42 guacd[12488]: INFO:#011Loading keymap "base" May 10 11:12:42 guacd[12488]: INFO:#011Loading keymap "it-it-qwerty" May 10 11:12:42 guacd[12488]: INFO:#011RDP server closed/refused connection: Server refused connection (wrong security type?) May 10 11:12:42 guacd[12488]: INFO:#011User "@b0967c60-e755-4c99-aedc-8753f3a4da7c" disconnected (0 users remain) May 10 11:12:42 guacd[12488]: INFO:#011Last user of connection "$61edb43f-0fb3-46ab-9a02-ec04b3892929" disconnected May 10 11:12:42 guacd[7]: INFO:#011Connection "$61edb43f-0fb3-46ab-9a02-ec04b3892929" removed. Lorenzo Da: Abramson, Eli <[email protected]> Inviato: martedì 10 maggio 2022 11:08 A: [email protected] Oggetto: RE: [External] RE: RDP with NLA Authentication Hi Lorenzo, I've faced the same issue when trying to leave the "Security mode:" blank. Guacamole has started prompting for credentials when connecting to RDP machines as soon as I've switched it to "Any"; For me this works for Windows machines older than Server 2008R2 as well as newer(where NLA is enforced by default)! From: MAURIZI Lorenzo <[email protected]<mailto:[email protected]>> Sent: Tuesday, May 10, 2022 10:15 AM To: [email protected]<mailto:[email protected]> Subject: [External] RE: RDP with NLA Authentication You don't often get email from [email protected]<mailto:[email protected]>. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> WARNING: This message has originated from an External Source. This may be a phishing email that can result in unauthorized access to Honeywell systems. Please use proper judgment and caution when opening attachments, clicking links or responding. I forgot to add that I'm using latest 1.4.0 version of Guacamole and guacd docker containers. Thanks. On 2022/05/10 07:11:45 MAURIZI Lorenzo wrote: > Dear all, > I'm new to Guacamole and I am setting up a new installation based upon docker > and docker-compose. > Reading the great documentation I was able to install Guacamole, configure > the TOTP module, customize the interface. > Everything works as expected, except the fact that I need to save into > connection profile the credentials to connect with RDP protocol to recent > Windows systems. > I have read some JIRA issues about RDP authentication and the NLA problem, > and I was thinking that Guacamole was able to ask for user and password while > connecting to the remote machine. > But I can't still obtain a prompt for user and password, while all is working > well when the credentials are saved into the connection profile. > > Is it possible to connect with RDP avoiding to save user and password into > connection profile? > > Thanks in advance. > Best regards. > > Lorenzo >
