Hello again everyone, I have determined that my connection issues may be related to my Active Directory setup on FreeBSD.
When I disable 'winbind enum users' due to a warning in the documentation
that the setting may adversely affect performance some things like 'getent
passwd' do not seem to know about AD users. So I have re-enabled that
option in smb.conf. Additionally, when I connect to xrdp from win7 rdc
with the domain name *not* specified I get further than the black screen.
However, what I do see is the connection log dialog for xrdp as in the
attached.
[image: Inline image 2]
The session does appear to be started:
==> xrdp.log <==
[20131119-18:21:33] [WARN ] local keymap file for 0x0409 found and dosen't
match built in keymap, using local keymap file
==> xrdp-sesman.log <==
[20131119-18:21:33] [INFO ] scp thread on sck 9 started successfully
==> debug.log <==
Nov 19 18:21:33 redacted XRDP-sesman[1041]: pam_winbind(xrdp-sesman):
getting password (0x00000188)
==> xrdp-sesman.log <==
[20131119-18:21:34] [INFO ] ++ created session (access granted): username
chris, ip redacted:51141 - socket: 8
[20131119-18:21:34] [INFO ] starting X11rdp session...
[20131119-18:21:34] [INFO ] X11rdp start:X11rdp :12 -geometry 1680x960
-depth 24 -bs -ac -nolisten tcp
[20131119-18:21:35] [INFO ] starting xrdp-sessvc - xpid=1386 - wmpid=1385
I even have my window manager running:
-+- 01041 root /usr/local/sbin/xrdp-sesman
\-+- 01383 root /usr/local/sbin/xrdp-sesman
\-+= 01384 chris /usr/local/sbin/xrdp-sessvc 1386 1385
|-+- 01385 chris /bin/sh /usr/local/etc/xrdp/startwm.sh
| \--- 01389 chris fluxbox
|--- 01386 chris X11rdp :12 -geometry 1680x960 -depth 24 -bs -ac
-nolisten tcp
\--- 01388 chris xrdp-chansrv
I just don't understand why xrdp is having all of this trouble just because
I'm connecting with an AD user. Connections from the AD user work
completely fine with sshd.
Btw, previously someone mentioned using xrdp-sestest to verify whether it
is working... From what I can tell, xrdp-sestest is hard coded to attempt
a session with vnc.
On Sat, Nov 16, 2013 at 7:08 PM, Koichiro IWAO <m...@vmeta.jp> wrote:
> On Fri, Nov 15, 2013 at 11:18:34PM -0600, Chris Lee wrote:
> > [chris@redacted ~]$ pstree -s xrdp
> > -+= 00001 root /sbin/init --
> > \-+= 01192 root /usr/sbin/sshd
> > |-+= 01513 root sshd: chris [priv] (sshd)
> > | \-+- 01517 chris sshd: chris@pts/0 (sshd)
> > | \-+= 01520 chris -bash (bash)
> > | \-+= 01523 root sudo tail -f xrdp.log xrdp-sesman.log
> > | \--- 03267 root tail -f xrdp.log xrdp-sesman.log
> > |-+= 01524 root sshd: chris [priv] (sshd)
> > | \-+- 01527 chris sshd: chris@pts/1 (sshd)
> > | \-+= 01528 chris -bash (bash)
> > | \-+= 84786 root sudo xrdp --nodaemon
> > | \--- 84787 root xrdp --nodaemon
> > \-+= 03268 root sshd: chris [priv] (sshd)
> > \-+- 03271 chris sshd: chris@pts/2 (sshd)
> > \-+= 03272 chris -bash (bash)
> > \-+= 84790 root sudo xrdp-sesman --nodaemon
> > \--- 84791 root xrdp-sesman --nodaemon
>
> Okay, X11rdp binary is not executed for some reasons. I doubt
> xrdp-sesman is not listening tcp port 3350 or another
> process grabs the port. Could you see "netstat -a -f inet" ?
> And you can also test sesman using xrdp-sestest instead of connectting
> from RD client
>
> > So x11rdp-devel required xorg-server >= 1.9.3 and setting WITH_NEW_XORG
> in
> > make.conf bumped me to 1.12.4 (I think) after I removed and upgraded a
> > bunch of other stuff like libdrm, dri, libGL, libGLU, and so on.
>
> You're right. x11rdp-devel port requires WITH_NEW_XORG.
>
> > Is it possible that I just have some configuration completely wrong?
> > My xrdp.ini is modified as per your guide, putting sesman-X11rdp in the
> > first entry and setting crypt_level to high.
> > I don't think I've changed anything in sesman.ini at all.
>
> Your xrdp.ini configuration seems all right but simplifying is a good way
> to
> make the issue clearer. I made a virtual machine image which have xrdp and
> x11rdp are properly configured. Run it on VirtualBox or something and
> then compare differences between my VM and yours.
>
> http://www.club.kyutech.ac.jp/~meta/temp/xrdp-sample.vdi.xz
>
> > I *did* change /usr/local/etc/pam.d/xrdp-sesman to import everything from
> > system because I have system configured to authenticate users through
> > winbind (Active Directory). This works properly with sshd and console
> > login and until I updated the xrdp-sesman entry all of my connections
> from
> > my AD user were being logged as invalid user.
>
> I think it will work if sshd properly works but also try local user
> written in master.passwd too.
>
> > Any additional suggestions you may have would be greatly appreciated.
> And
> > thank you once again for all your help thus far. :)
>
> No problem, there's lots of xrdp users on Linux but few on FreeBSD. I'd
> like to collect knowledge xrdp on FreeBSD.
>
> --
> `whois vmeta.jp | nkf -w`
> meta <m...@vmeta.jp>
>
--
Thank you,
Chris Lee
<<image.png>>
------------------------------------------------------------------------------ Shape the Mobile Experience: Free Subscription Software experts and developers: Be at the forefront of tech innovation. Intel(R) Software Adrenaline delivers strategic insight and game-changing conversations that shape the rapidly evolving mobile landscape. Sign up now. http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
_______________________________________________ xrdp-devel mailing list xrdp-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xrdp-devel
