On Wed, Jan 24, 2024 at 3:40 PM Horváth Csaba <horvathcsabalas...@gmail.com> wrote:
> Hi, > > Tried with a Windows VM with NLA turned off; so simple RDP connection > works with security=rdp . So the issue is that guacd cannot > communicate with TLS and NLA security servers. This means it likely has to do with the issue that David mentioned with the home directory for the user running guacd. Note that we're talking about the Linux/UNIX home directory for the Linux user running guacd, not the GUACAMOLE_HOME directory. For example, if you run guacd under the "daemon" account, and the daemon account has a home directory of /usr/sbin (as is the case in RHEL8, for example), then the "daemon" user does not have access to write to the /usr/sbin directory and cannot create the host fingerprint file that is required for NLA and TLA connections. The easiest thing to do is just create a Linux user account for guacd to run under, allowing Linux to create a home directory (useradd with "-m" flag, for example), and then make sure guacd is being started under that account. Then re-try the connection. -Nick