date:20220217

Re: Issues with RDP connections

2022-02-17 Thread Nick Couchman

On Thu, Feb 17, 2022 at 8:34 PM Devine, Harry (FAA)
 wrote:

> On the Windows side or the guacamole side?  If the user couldn’t write
> there, why did the windows 10 rdp work?  One of out admins said they can
> rdp to the windows 2013 server using MobaXterm and they see the TLS is 1.2.
> Does guacamole expect v2?  If so, does the 2012 need to update to TLS2?
>
>
This would be on the Guacamole side. No, I do not expect that Guacamole
would require a TLS version that Windows doesn't support- I use 1.4.0 to
connect to Server 2003, 2008/r2, 2012/r2, 2016, and 2019, along with
Windows 10.

Also, might want to start guacd with debug logging (-L debug on the command
line, or log_level = debug in guacd.conf) to see if you get any more useful
messages.

-Nick

>

Re: Issues with RDP connections

2022-02-17 Thread Devine, Harry (FAA)

On the Windows side or the guacamole side?  If the user couldn’t write there, 
why did the windows 10 rdp work?  One of out admins said they can rdp to the 
windows 2013 server using MobaXterm and they see the TLS is 1.2. Does guacamole 
expect v2?  If so, does the 2012 need to update to TLS2?

Thanks,
Harry


Harry Devine

DOT/FAA/AJM-2432

Secure-OSE Administrator

Red Hat Certified System Administrator (RHCSA)

harry.dev...@faa.gov

Desk: (609)485-4218

FAA Cell: (609)612-7274

Building 300, 3rd floor, Column L20 (3L20)


From: Nick Couchman 
Sent: Thursday, February 17, 2022 7:59:24 PM
To: user@guacamole.apache.org 
Subject: Re: Issues with RDP connections

On Thu, Feb 17, 2022 at 4:26 PM Devine, Harry (FAA) 
 wrote:

Yeah, on that box, but this Server 2012 server keeps rejecting the attempt with 
“wrong security type?”.  So what do we need to do to make this box work?



Harry



Check the user that is running guacd and make sure it has write access to its 
home directory.

-Nick

Re: Issues with RDP connections

2022-02-17 Thread Nick Couchman

On Thu, Feb 17, 2022 at 4:26 PM Devine, Harry (FAA)
 wrote:

> Yeah, on that box, but this Server 2012 server keeps rejecting the attempt
> with “wrong security type?”.  So what do we need to do to make this box
> work?
>
>
>
> Harry
>
>
>

Check the user that is running guacd and make sure it has write access to
its home directory.

-Nick

>

RE: Issues with RDP connections

2022-02-17 Thread Devine, Harry (FAA)

Yeah, on that box, but this Server 2012 server keeps rejecting the attempt with 
"wrong security type?".  So what do we need to do to make this box work?

Harry

From: Adrian Owen 
Sent: Thursday, February 17, 2022 4:24 PM
To: user@guacamole.apache.org
Subject: RE: Issues with RDP connections

> I set TLS and ignore certificate, and it could get in

Guacamole settings are ok.

From: Devine, Harry (FAA) [mailto:harry.dev...@faa.gov.INVALID]
Sent: 17 February 2022 21:11
To: user@guacamole.apache.org
Subject: RE: Issues with RDP connections

Same errors (Guac's web page says the connection is currently unreachable).  
The log shows:

Feb 17 16:09:10 armt guacd[4148]: Creating new client for protocol "rdp"
Feb 17 16:09:10 armt guacd[4148]: Connection ID is 
"$61bba758-ee0f-442d-9c99-03bb6204066d"
Feb 17 16:09:10 armt guacd[19478]: Security mode: Negotiate (ANY)
Feb 17 16:09:10 armt guacd[19478]: Resize method: none
Feb 17 16:09:10 armt guacd[19478]: No clipboard line-ending normalization 
specified. Defaulting to preserving the format of all line endings.
Feb 17 16:09:10 armt server: 16:09:10.650 [http-bio-8080-exec-89] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" connected to connection 
"2".
Feb 17 16:09:10 armt server: 16:09:10.650 [http-bio-8080-exec-89] INFO  
o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not 
WebSocket). Performance may be sub-optimal.
Feb 17 16:09:10 armt guacd[19478]: User "@d394b5b0-4e10-47d1-a237-0d3536b5c921" 
joined connection "$61bba758-ee0f-442d-9c99-03bb6204066d" (1 users now present)
Feb 17 16:09:10 armt guacd[19478]: Loading keymap "base"
Feb 17 16:09:10 armt guacd[19478]: Loading keymap "en-us-qwerty"
Feb 17 16:09:11 armt guacd[19478]: RDP server closed/refused connection: Server 
refused connection (wrong security type?)
Feb 17 16:09:11 armt guacd[19478]: User "@d394b5b0-4e10-47d1-a237-0d3536b5c921" 
disconnected (0 users remain)
Feb 17 16:09:11 armt guacd[19478]: Last user of connection 
"$61bba758-ee0f-442d-9c99-03bb6204066d" disconnected
Feb 17 16:09:11 armt guacd[4148]: Connection 
"$61bba758-ee0f-442d-9c99-03bb6204066d" removed.
Feb 17 16:09:11 armt server: 16:09:11.387 [http-bio-8080-exec-109] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" disconnected from 
connection "2". Duration: 15423 milliseconds
Feb 17 16:09:11 armt server: 16:09:11.392 [http-bio-8080-exec-109] ERROR 
o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: Connection to 
guacd timed out.

I created a new connection to  another Windows server that's Windows 10, and I 
set TLS and ignore certificate, and it could get in, so what could be wrong on 
this Windows server to cause to refuse a connection?

Thanks,
Harry

From: Adrian Owen mailto:adrian.o...@eesm.com>>
Sent: Thursday, February 17, 2022 4:08 PM
To: user@guacamole.apache.org
Subject: RE: Issues with RDP connections

security   any
ignore-cert true

Adrian

From: Devine, Harry (FAA) [mailto:harry.dev...@faa.gov.INVALID]
Sent: 17 February 2022 20:45
To: user@guacamole.apache.org
Subject: Issues with RDP connections

We are trying to get RDP connections to a Windows Server 2012 machine, and 
every time we try, it fails.  The /var/log/messages shows the following:

Feb 17 15:40:51 armt guacd[4148]: Creating new client for protocol "rdp"
Feb 17 15:40:51 armt guacd[4148]: Connection ID is 
"$4886636f-dd2a-455d-865a-239b95a0f4ae"
Feb 17 15:40:51 armt guacd[17756]: Security mode: TLS
Feb 17 15:40:51 armt guacd[17756]: Resize method: none
Feb 17 15:40:51 armt guacd[17756]: No clipboard line-ending normalization 
specified. Defaulting to preserving the format of all line endings.
Feb 17 15:40:51 armt server: 15:40:51.939 [http-bio-8080-exec-87] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" connected to connection 
"2".
Feb 17 15:40:51 armt server: 15:40:51.939 [http-bio-8080-exec-87] INFO  
o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not 
WebSocket). Performance may be sub-optimal.
Feb 17 15:40:51 armt guacd[17756]: User "@eca84bdc-710e-43f6-88c0-0451531d9a14" 
joined connection "$4886636f-dd2a-455d-865a-239b95a0f4ae" (1 users now present)
Feb 17 15:40:51 armt guacd[17756]: Loading keymap "base"
Feb 17 15:40:51 armt guacd[17756]: Loading keymap "en-us-qwerty"
Feb 17 15:40:52 armt guacd[17756]: RDP server closed/refused connection: 
Security negotiation failed (wrong security type?)
Feb 17 15:40:52 armt guacd[17756]: User "@eca84bdc-710e-43f6-88c0-0451531d9a14" 
disconnected (0 users remain)
Feb 17 15:40:52 armt guacd[17756]: Last user of connection 
"$4886636f-dd2a-455d-865a-239b95a0f4ae" disconnected
Feb 17 15:40:52 armt guacd[4148]: Connection 
"$4886636f-dd2a-455d-865a-239b95a0f4ae" removed.
Feb 17 15:41:07 armt server: 15:41:07.343 [http-bio-8080-exec-105] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" disconnected from 
connection "2".

RE: Issues with RDP connections

2022-02-17 Thread Adrian Owen

> I set TLS and ignore certificate, and it could get in

Guacamole settings are ok.

From: Devine, Harry (FAA) [mailto:harry.dev...@faa.gov.INVALID]
Sent: 17 February 2022 21:11
To: user@guacamole.apache.org
Subject: RE: Issues with RDP connections

Same errors (Guac's web page says the connection is currently unreachable).  
The log shows:

Feb 17 16:09:10 armt guacd[4148]: Creating new client for protocol "rdp"
Feb 17 16:09:10 armt guacd[4148]: Connection ID is 
"$61bba758-ee0f-442d-9c99-03bb6204066d"
Feb 17 16:09:10 armt guacd[19478]: Security mode: Negotiate (ANY)
Feb 17 16:09:10 armt guacd[19478]: Resize method: none
Feb 17 16:09:10 armt guacd[19478]: No clipboard line-ending normalization 
specified. Defaulting to preserving the format of all line endings.
Feb 17 16:09:10 armt server: 16:09:10.650 [http-bio-8080-exec-89] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" connected to connection 
"2".
Feb 17 16:09:10 armt server: 16:09:10.650 [http-bio-8080-exec-89] INFO  
o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not 
WebSocket). Performance may be sub-optimal.
Feb 17 16:09:10 armt guacd[19478]: User "@d394b5b0-4e10-47d1-a237-0d3536b5c921" 
joined connection "$61bba758-ee0f-442d-9c99-03bb6204066d" (1 users now present)
Feb 17 16:09:10 armt guacd[19478]: Loading keymap "base"
Feb 17 16:09:10 armt guacd[19478]: Loading keymap "en-us-qwerty"
Feb 17 16:09:11 armt guacd[19478]: RDP server closed/refused connection: Server 
refused connection (wrong security type?)
Feb 17 16:09:11 armt guacd[19478]: User "@d394b5b0-4e10-47d1-a237-0d3536b5c921" 
disconnected (0 users remain)
Feb 17 16:09:11 armt guacd[19478]: Last user of connection 
"$61bba758-ee0f-442d-9c99-03bb6204066d" disconnected
Feb 17 16:09:11 armt guacd[4148]: Connection 
"$61bba758-ee0f-442d-9c99-03bb6204066d" removed.
Feb 17 16:09:11 armt server: 16:09:11.387 [http-bio-8080-exec-109] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" disconnected from 
connection "2". Duration: 15423 milliseconds
Feb 17 16:09:11 armt server: 16:09:11.392 [http-bio-8080-exec-109] ERROR 
o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: Connection to 
guacd timed out.

I created a new connection to  another Windows server that's Windows 10, and I 
set TLS and ignore certificate, and it could get in, so what could be wrong on 
this Windows server to cause to refuse a connection?

Thanks,
Harry

From: Adrian Owen mailto:adrian.o...@eesm.com>>
Sent: Thursday, February 17, 2022 4:08 PM
To: user@guacamole.apache.org
Subject: RE: Issues with RDP connections

security   any
ignore-cert true

Adrian

From: Devine, Harry (FAA) [mailto:harry.dev...@faa.gov.INVALID]
Sent: 17 February 2022 20:45
To: user@guacamole.apache.org
Subject: Issues with RDP connections

We are trying to get RDP connections to a Windows Server 2012 machine, and 
every time we try, it fails.  The /var/log/messages shows the following:

Feb 17 15:40:51 armt guacd[4148]: Creating new client for protocol "rdp"
Feb 17 15:40:51 armt guacd[4148]: Connection ID is 
"$4886636f-dd2a-455d-865a-239b95a0f4ae"
Feb 17 15:40:51 armt guacd[17756]: Security mode: TLS
Feb 17 15:40:51 armt guacd[17756]: Resize method: none
Feb 17 15:40:51 armt guacd[17756]: No clipboard line-ending normalization 
specified. Defaulting to preserving the format of all line endings.
Feb 17 15:40:51 armt server: 15:40:51.939 [http-bio-8080-exec-87] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" connected to connection 
"2".
Feb 17 15:40:51 armt server: 15:40:51.939 [http-bio-8080-exec-87] INFO  
o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not 
WebSocket). Performance may be sub-optimal.
Feb 17 15:40:51 armt guacd[17756]: User "@eca84bdc-710e-43f6-88c0-0451531d9a14" 
joined connection "$4886636f-dd2a-455d-865a-239b95a0f4ae" (1 users now present)
Feb 17 15:40:51 armt guacd[17756]: Loading keymap "base"
Feb 17 15:40:51 armt guacd[17756]: Loading keymap "en-us-qwerty"
Feb 17 15:40:52 armt guacd[17756]: RDP server closed/refused connection: 
Security negotiation failed (wrong security type?)
Feb 17 15:40:52 armt guacd[17756]: User "@eca84bdc-710e-43f6-88c0-0451531d9a14" 
disconnected (0 users remain)
Feb 17 15:40:52 armt guacd[17756]: Last user of connection 
"$4886636f-dd2a-455d-865a-239b95a0f4ae" disconnected
Feb 17 15:40:52 armt guacd[4148]: Connection 
"$4886636f-dd2a-455d-865a-239b95a0f4ae" removed.
Feb 17 15:41:07 armt server: 15:41:07.343 [http-bio-8080-exec-105] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" disconnected from 
connection "2". Duration: 15404 milliseconds
Feb 17 15:41:07 armt server: 15:41:07.348 [http-bio-8080-exec-105] ERROR 
o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: Connection to 
guacd timed out.

We have tried all possible values in the connection's Security Mode, as well 
has having "Ignore Server Certificate" checked and

RE: Issues with RDP connections

2022-02-17 Thread Devine, Harry (FAA)

Same errors (Guac's web page says the connection is currently unreachable).  
The log shows:

Feb 17 16:09:10 armt guacd[4148]: Creating new client for protocol "rdp"
Feb 17 16:09:10 armt guacd[4148]: Connection ID is 
"$61bba758-ee0f-442d-9c99-03bb6204066d"
Feb 17 16:09:10 armt guacd[19478]: Security mode: Negotiate (ANY)
Feb 17 16:09:10 armt guacd[19478]: Resize method: none
Feb 17 16:09:10 armt guacd[19478]: No clipboard line-ending normalization 
specified. Defaulting to preserving the format of all line endings.
Feb 17 16:09:10 armt server: 16:09:10.650 [http-bio-8080-exec-89] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" connected to connection 
"2".
Feb 17 16:09:10 armt server: 16:09:10.650 [http-bio-8080-exec-89] INFO  
o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not 
WebSocket). Performance may be sub-optimal.
Feb 17 16:09:10 armt guacd[19478]: User "@d394b5b0-4e10-47d1-a237-0d3536b5c921" 
joined connection "$61bba758-ee0f-442d-9c99-03bb6204066d" (1 users now present)
Feb 17 16:09:10 armt guacd[19478]: Loading keymap "base"
Feb 17 16:09:10 armt guacd[19478]: Loading keymap "en-us-qwerty"
Feb 17 16:09:11 armt guacd[19478]: RDP server closed/refused connection: Server 
refused connection (wrong security type?)
Feb 17 16:09:11 armt guacd[19478]: User "@d394b5b0-4e10-47d1-a237-0d3536b5c921" 
disconnected (0 users remain)
Feb 17 16:09:11 armt guacd[19478]: Last user of connection 
"$61bba758-ee0f-442d-9c99-03bb6204066d" disconnected
Feb 17 16:09:11 armt guacd[4148]: Connection 
"$61bba758-ee0f-442d-9c99-03bb6204066d" removed.
Feb 17 16:09:11 armt server: 16:09:11.387 [http-bio-8080-exec-109] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" disconnected from 
connection "2". Duration: 15423 milliseconds
Feb 17 16:09:11 armt server: 16:09:11.392 [http-bio-8080-exec-109] ERROR 
o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: Connection to 
guacd timed out.

I created a new connection to  another Windows server that's Windows 10, and I 
set TLS and ignore certificate, and it could get in, so what could be wrong on 
this Windows server to cause to refuse a connection?

Thanks,
Harry

From: Adrian Owen 
Sent: Thursday, February 17, 2022 4:08 PM
To: user@guacamole.apache.org
Subject: RE: Issues with RDP connections

security   any
ignore-cert true

Adrian

From: Devine, Harry (FAA) [mailto:harry.dev...@faa.gov.INVALID]
Sent: 17 February 2022 20:45
To: user@guacamole.apache.org
Subject: Issues with RDP connections

We are trying to get RDP connections to a Windows Server 2012 machine, and 
every time we try, it fails.  The /var/log/messages shows the following:

Feb 17 15:40:51 armt guacd[4148]: Creating new client for protocol "rdp"
Feb 17 15:40:51 armt guacd[4148]: Connection ID is 
"$4886636f-dd2a-455d-865a-239b95a0f4ae"
Feb 17 15:40:51 armt guacd[17756]: Security mode: TLS
Feb 17 15:40:51 armt guacd[17756]: Resize method: none
Feb 17 15:40:51 armt guacd[17756]: No clipboard line-ending normalization 
specified. Defaulting to preserving the format of all line endings.
Feb 17 15:40:51 armt server: 15:40:51.939 [http-bio-8080-exec-87] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" connected to connection 
"2".
Feb 17 15:40:51 armt server: 15:40:51.939 [http-bio-8080-exec-87] INFO  
o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not 
WebSocket). Performance may be sub-optimal.
Feb 17 15:40:51 armt guacd[17756]: User "@eca84bdc-710e-43f6-88c0-0451531d9a14" 
joined connection "$4886636f-dd2a-455d-865a-239b95a0f4ae" (1 users now present)
Feb 17 15:40:51 armt guacd[17756]: Loading keymap "base"
Feb 17 15:40:51 armt guacd[17756]: Loading keymap "en-us-qwerty"
Feb 17 15:40:52 armt guacd[17756]: RDP server closed/refused connection: 
Security negotiation failed (wrong security type?)
Feb 17 15:40:52 armt guacd[17756]: User "@eca84bdc-710e-43f6-88c0-0451531d9a14" 
disconnected (0 users remain)
Feb 17 15:40:52 armt guacd[17756]: Last user of connection 
"$4886636f-dd2a-455d-865a-239b95a0f4ae" disconnected
Feb 17 15:40:52 armt guacd[4148]: Connection 
"$4886636f-dd2a-455d-865a-239b95a0f4ae" removed.
Feb 17 15:41:07 armt server: 15:41:07.343 [http-bio-8080-exec-105] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" disconnected from 
connection "2". Duration: 15404 milliseconds
Feb 17 15:41:07 armt server: 15:41:07.348 [http-bio-8080-exec-105] ERROR 
o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: Connection to 
guacd timed out.

We have tried all possible values in the connection's Security Mode, as well 
has having "Ignore Server Certificate" checked and unchecked, and it simply 
won't connect.  How can we get this working?  This is a high-security item for 
a client of ours and they have to have connectivity to these machines restored 
asap.

Thanks,
Harry

Harry Devine
Secure-OSE System Administrator
Red Hat Certified System Administrator (RHCSA)
Work: (609)

RE: Issues with RDP connections

2022-02-17 Thread Adrian Owen

security   any
ignore-cert true

Adrian

From: Devine, Harry (FAA) [mailto:harry.dev...@faa.gov.INVALID]
Sent: 17 February 2022 20:45
To: user@guacamole.apache.org
Subject: Issues with RDP connections

We are trying to get RDP connections to a Windows Server 2012 machine, and 
every time we try, it fails.  The /var/log/messages shows the following:

Feb 17 15:40:51 armt guacd[4148]: Creating new client for protocol "rdp"
Feb 17 15:40:51 armt guacd[4148]: Connection ID is 
"$4886636f-dd2a-455d-865a-239b95a0f4ae"
Feb 17 15:40:51 armt guacd[17756]: Security mode: TLS
Feb 17 15:40:51 armt guacd[17756]: Resize method: none
Feb 17 15:40:51 armt guacd[17756]: No clipboard line-ending normalization 
specified. Defaulting to preserving the format of all line endings.
Feb 17 15:40:51 armt server: 15:40:51.939 [http-bio-8080-exec-87] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" connected to connection 
"2".
Feb 17 15:40:51 armt server: 15:40:51.939 [http-bio-8080-exec-87] INFO  
o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not 
WebSocket). Performance may be sub-optimal.
Feb 17 15:40:51 armt guacd[17756]: User "@eca84bdc-710e-43f6-88c0-0451531d9a14" 
joined connection "$4886636f-dd2a-455d-865a-239b95a0f4ae" (1 users now present)
Feb 17 15:40:51 armt guacd[17756]: Loading keymap "base"
Feb 17 15:40:51 armt guacd[17756]: Loading keymap "en-us-qwerty"
Feb 17 15:40:52 armt guacd[17756]: RDP server closed/refused connection: 
Security negotiation failed (wrong security type?)
Feb 17 15:40:52 armt guacd[17756]: User "@eca84bdc-710e-43f6-88c0-0451531d9a14" 
disconnected (0 users remain)
Feb 17 15:40:52 armt guacd[17756]: Last user of connection 
"$4886636f-dd2a-455d-865a-239b95a0f4ae" disconnected
Feb 17 15:40:52 armt guacd[4148]: Connection 
"$4886636f-dd2a-455d-865a-239b95a0f4ae" removed.
Feb 17 15:41:07 armt server: 15:41:07.343 [http-bio-8080-exec-105] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" disconnected from 
connection "2". Duration: 15404 milliseconds
Feb 17 15:41:07 armt server: 15:41:07.348 [http-bio-8080-exec-105] ERROR 
o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: Connection to 
guacd timed out.

We have tried all possible values in the connection's Security Mode, as well 
has having "Ignore Server Certificate" checked and unchecked, and it simply 
won't connect.  How can we get this working?  This is a high-security item for 
a client of ours and they have to have connectivity to these machines restored 
asap.

Thanks,
Harry

Harry Devine
Secure-OSE System Administrator
Red Hat Certified System Administrator (RHCSA)
Work: (609) 485-4218
FAA Cell:  (609) 612-7274

Issues with RDP connections

2022-02-17 Thread Devine, Harry (FAA)

We are trying to get RDP connections to a Windows Server 2012 machine, and 
every time we try, it fails.  The /var/log/messages shows the following:

Feb 17 15:40:51 armt guacd[4148]: Creating new client for protocol "rdp"
Feb 17 15:40:51 armt guacd[4148]: Connection ID is 
"$4886636f-dd2a-455d-865a-239b95a0f4ae"
Feb 17 15:40:51 armt guacd[17756]: Security mode: TLS
Feb 17 15:40:51 armt guacd[17756]: Resize method: none
Feb 17 15:40:51 armt guacd[17756]: No clipboard line-ending normalization 
specified. Defaulting to preserving the format of all line endings.
Feb 17 15:40:51 armt server: 15:40:51.939 [http-bio-8080-exec-87] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" connected to connection 
"2".
Feb 17 15:40:51 armt server: 15:40:51.939 [http-bio-8080-exec-87] INFO  
o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not 
WebSocket). Performance may be sub-optimal.
Feb 17 15:40:51 armt guacd[17756]: User "@eca84bdc-710e-43f6-88c0-0451531d9a14" 
joined connection "$4886636f-dd2a-455d-865a-239b95a0f4ae" (1 users now present)
Feb 17 15:40:51 armt guacd[17756]: Loading keymap "base"
Feb 17 15:40:51 armt guacd[17756]: Loading keymap "en-us-qwerty"
Feb 17 15:40:52 armt guacd[17756]: RDP server closed/refused connection: 
Security negotiation failed (wrong security type?)
Feb 17 15:40:52 armt guacd[17756]: User "@eca84bdc-710e-43f6-88c0-0451531d9a14" 
disconnected (0 users remain)
Feb 17 15:40:52 armt guacd[17756]: Last user of connection 
"$4886636f-dd2a-455d-865a-239b95a0f4ae" disconnected
Feb 17 15:40:52 armt guacd[4148]: Connection 
"$4886636f-dd2a-455d-865a-239b95a0f4ae" removed.
Feb 17 15:41:07 armt server: 15:41:07.343 [http-bio-8080-exec-105] INFO  
o.a.g.tunnel.TunnelRequestService - User "guacadmin" disconnected from 
connection "2". Duration: 15404 milliseconds
Feb 17 15:41:07 armt server: 15:41:07.348 [http-bio-8080-exec-105] ERROR 
o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: Connection to 
guacd timed out.

We have tried all possible values in the connection's Security Mode, as well 
has having "Ignore Server Certificate" checked and unchecked, and it simply 
won't connect.  How can we get this working?  This is a high-security item for 
a client of ours and they have to have connectivity to these machines restored 
asap.

Thanks,
Harry

Harry Devine
Secure-OSE System Administrator
Red Hat Certified System Administrator (RHCSA)
Work: (609) 485-4218
FAA Cell:  (609) 612-7274

RE: 2 Issues with one of our guacamole servers

2022-02-17 Thread Devine, Harry (FAA)

I got it to work.  The WAR file wasn't renamed to guacamole.war, and the file 
permissions were wrong, so the guacamole.properties couldn't be read.  I'm 
having an issue opening an RDP connection, but I don't know if that connection 
is 100% valid, so I'll work on that on my own for now.

Thanks,
Harry

From: Devine, Harry (FAA) 
Sent: Thursday, February 17, 2022 11:47 AM
To: user@guacamole.apache.org
Subject: 2 Issues with one of our guacamole servers

I have 2 issues with one of our guacamole servers.  First, we can no longer log 
in.  We get "Invalid Login" on the main page, and the following in 
/var/log/messages (user "harry.devine" is an LDAP user):

Feb 17 11:37:28 guac server: 11:37:28.839 [http-bio-8080-exec-6] WARN  
o.a.g.r.auth.AuthenticationService - Authentication attempt from 
[192.168.100.1, 127.0.0.1] for user "guacadmin" failed.
Feb 17 11:37:48 guac server: 11:37:48.330 [http-bio-8080-exec-7] WARN  
o.a.g.r.auth.AuthenticationService - Authentication attempt from 
[192.168.100.1, 127.0.0.1] for user "harry.devine" failed.

Here is a redacted /etc/guacamole/guacamole.properties:

#MySQL properties
mysql-hostname: 127.0.0.1
mysql-port:3306
mysql-database: 
mysql-username: 
mysql-password: 
mysql-default-max-connections-per-user: 0
mysql-default-max-group-connections-per-user:0

#LDAP properties
ldap-hostname:ldap.example.com
ldap-port:389
ldap-encryption-method:none
ldap-dereference-aliases:never
ldap-search-bind-dn:cn="Directory Manager"
ldap-search-bind-password:
ldap-user-base-dn:cn=users,cn=accounts,dc=example,dc=com
ldap-username-attribute:uid
ldap-group-base-dn:cn=groups,cn=accounts,dc=example,dc=com

The second issue was that since we couldn't  connect any longer, we upgraded 
from 1.2.0 to 1.4.0.  Running /etc/init.d/guacd start shows 1.4.0, but the GUI 
shows 1.2.0.  Could this have anything to do with this?

Thanks,
Harry

Harry Devine
Secure-OSE System Administrator
Red Hat Certified System Administrator (RHCSA)
Work: (609) 485-4218
FAA Cell:  (609) 612-7274

Pulseaudio MacOS (Big Sur)

2022-02-17 Thread Khoe, Yonathan

Does anybody have pulseaudio working under this platform?  I have gotten it to 
work as far as getting the 'paplay' binary to output sound from the Mac to my 
remoting machine.  However, the output of any other sounds from the Mac 
(playing youtube audio, etc.) still comes out from the built-in speakers.  It 
almost seems like I have to set the output to Pulseaudio but it does not appear 
as an audio source in System Preferences.  Has that always been how Pulseaudio 
work, especially on MacOS? CLI only?

I followed through with the little audio documentation on the Guacamole manual. 
 I got paplay to output from Guacamole as well as dedicated VNC Viewer desktop 
application.  If anyone know an active community that could help with 
pulseaudio support, please don't hesitate to let me know.  I realize it may not 
be the Guacamole project's main focus.

Thank you for your time.

Yonathan Khoe
Senior Systems Administrator
CVAD IT

University of North Texas
940.565.4793
yonat...@unt.edu
https://itservices.cvad.unt.edu/

2 Issues with one of our guacamole servers

2022-02-17 Thread Devine, Harry (FAA)

I have 2 issues with one of our guacamole servers.  First, we can no longer log 
in.  We get "Invalid Login" on the main page, and the following in 
/var/log/messages (user "harry.devine" is an LDAP user):

Feb 17 11:37:28 guac server: 11:37:28.839 [http-bio-8080-exec-6] WARN  
o.a.g.r.auth.AuthenticationService - Authentication attempt from 
[192.168.100.1, 127.0.0.1] for user "guacadmin" failed.
Feb 17 11:37:48 guac server: 11:37:48.330 [http-bio-8080-exec-7] WARN  
o.a.g.r.auth.AuthenticationService - Authentication attempt from 
[192.168.100.1, 127.0.0.1] for user "harry.devine" failed.

Here is a redacted /etc/guacamole/guacamole.properties:

#MySQL properties
mysql-hostname: 127.0.0.1
mysql-port:3306
mysql-database: 
mysql-username: 
mysql-password: 
mysql-default-max-connections-per-user: 0
mysql-default-max-group-connections-per-user:0

#LDAP properties
ldap-hostname:ldap.example.com
ldap-port:389
ldap-encryption-method:none
ldap-dereference-aliases:never
ldap-search-bind-dn:cn="Directory Manager"
ldap-search-bind-password:
ldap-user-base-dn:cn=users,cn=accounts,dc=example,dc=com
ldap-username-attribute:uid
ldap-group-base-dn:cn=groups,cn=accounts,dc=example,dc=com

The second issue was that since we couldn't  connect any longer, we upgraded 
from 1.2.0 to 1.4.0.  Running /etc/init.d/guacd start shows 1.4.0, but the GUI 
shows 1.2.0.  Could this have anything to do with this?

Thanks,
Harry

Harry Devine
Secure-OSE System Administrator
Red Hat Certified System Administrator (RHCSA)
Work: (609) 485-4218
FAA Cell:  (609) 612-7274

Re: Issues with RDP connections

Re: Issues with RDP connections

Re: Issues with RDP connections

RE: Issues with RDP connections

RE: Issues with RDP connections

RE: Issues with RDP connections

RE: Issues with RDP connections

Issues with RDP connections

RE: 2 Issues with one of our guacamole servers

Pulseaudio MacOS (Big Sur)

2 Issues with one of our guacamole servers

11 matches

Site Navigation

Mail list logo

Footer information