Re: Does Guacamole support PKI/Smartcard authentication for RDP (instead of username/password)?
Hi Craig you wrote on the mailinglist that you just use a "65 character PW" now I would like to do the same.. but how can we do this if I want to use AD functionality like groups etc.. while beeing able to login to another System (form inside the corporate network) for example usign the normal password.. Is there somekind of GPO which allows to use one PW for all users instead of the real one just for a few hosts? I would love to hear form you to get this running :) it really would help me very much!
Re: SAML & Guacamole
I know I already wrote about this and created an issue in jira (https://issues.apache.org/jira/browse/GUACAMOLE-1428) I think adding the option to ask once for the password till it fails for the user (instead of for every connection) would fix this. @Bryan Sadly I wasn't able to find someone who really could do this.. I already gave this to a few people on freelancer-sites offering 500$, but nobody was able to do it. maybe together we could raise more money and find someone? @Nick how do you mean with LDAP this will work? Can I combine LDAP with SAML and it will work (using some kind of pth?) at least for me LDAP doesn't save my password in cleartext. --- Original Message --- Nick Couchman schrieb am Montag, 14. Februar 2022 um 21:23: > On Mon, Feb 14, 2022 at 3:18 PM Bryan Ohana > wrote: > >> HI Nick >> >> I’ll definitely open another thread for the issue with 1.4.0. >> >> Is there any way we can prevent users to have to enter the password when >> login in with Azure AD Credentials? > > Not with SAML, no - if the user is logging in with SAML, they will have to > enter their credentials, again, when logging into to a remote computer. As a > side note, here, my company uses Azure WVD provided by Nerdio, and their web > interface requires exactly the same thing- our Nerdio/Azure WVD environment > is federated to our ADFS SSO environment via SAML, and I have to log in to > SSO (ADFS), and then enter my password a second time. > > If you use LDAP, this will work, and the password can be transparently passed > through. > > -Nick > >>>
Re: RDP performance
for just 1-2 users currently: RDS: 20 vCPU 12 GB RAM Guacamole: 8 vCPU 8 GB RAM on very performant clients with a good internet-connection (1gbit/s) moving around windows is okayish.. but using lower-end hardware it starts to lag extremely fast when compared to a direct RDP-connection. --- Original Message --- Alejandro Hernandez schrieb am Donnerstag, 3. Februar 2022 um 20:47: > What are the server resources for Guacamole AND for your RDP server??? > (processors, ram...) > > El 2022-01-18 14:18, International Security Providers escribió: > >> is there a way to tune Guacamole for better performance with RDP? >> I only use it with 2 users currently.. and it already lags after some time >> and is never as snappy as connecting using mstsc. >> the gucamole-vm is also already quite loaded with ressources.. it's running >> directly on ssd, has 12gb ram and 12 cpu cores.. >> >> I use this setup: >> https://github.com/8gears/containerized-guacamole
I get redirected to the guacamole Dashboard, if I'm not logged-in while accessing a direct link
I get redirected to the guacamole Dashboard, if I'm not logged-in already and when I access an app directly using a link like this: "[https://guac.domain.tld/guacamole/#/client/](https://rd.neutronix.ch/guacamole/#/client/MTMAYwBwb3N0Z3Jlc3Fs)DFJr9rjVJKRKFRr4vrk0r0r" I would love to be able to click on the link -> login and then directly open the link ""[https://guac.domain.tld/guacamole/#/client/](https://rd.neutronix.ch/guacamole/#/client/MTMAYwBwb3N0Z3Jlc3Fs)DFJr9rjVJKRKFRr4vrk0r0r" again without searching it in the dashboard or going back to click it again. is this somehow possible? I use SAML-SSO
Re: RDP performance
the performance-issue is mostly only when dragging widows and it does't really take or give much if I disable "Show window content while dragging". ‐‐‐ Original Message ‐‐‐ International Security Providers schrieb am Dienstag, 18. Januar 2022 um 22:18: > is there a way to tune Guacamole for better performance with RDP? > I only use it with 2 users currently.. and it already lags after some time > and is never as snappy as connecting using mstsc. > the gucamole-vm is also already quite loaded with ressources.. it's running > directly on ssd, has 12gb ram and 12 cpu cores.. > > I use this setup: > https://github.com/8gears/containerized-guacamole
Re: AW: Re: remote-app (RDP) restore minimized apps
I found the solution for me:
Ctrl + Alt + Tab
keeps the alt-tab open till you click..
‐‐‐ Original Message ‐‐‐
International Security Providers
schrieb am Freitag, 21.
Januar 2022 um 12:28:
> Alt+Enter does something else for me (it will show details of a file when I
> have it highlighted in explorer.exe for example.
>
> what I also tried is using "Task View"
> %windir%\explorer.exe shell:::{3080F90E-D7AD-11D9-BD98-947B0257}
>
> but this only seems to work on full-Desktop mode.. in app-mod eit just
> doesn't do anything.
>
> I think if this would work it would be th ebest solution for me..
> so maybe soemone has an idea on how to get this to work?
>
> ‐‐‐ Original Message ‐‐‐
> Antony Awaida schrieb am Montag, 10. Januar 2022 um
> 22:52:
>
>> Hi there:
>>
>> A workaround is to have the user type Alt+Enter and this will re-open the
>> minimized window.
>>
>> Cheers,
>>
>> Antony Awaida
>> CEO
>> www.apporto.com
>>
>> ᐧ
>>
>> On Sun, Jan 9, 2022 at 1:27 PM Nick Couchman wrote:
>>
>>> On Fri, Jan 7, 2022 at 12:23 PM International Security Providers
>>> wrote:
>>>
>>>> hey everyone
>>>>
>>>> when I minimize an app which is launched using the "remote-app" with RDP.
>>>> I cannot get it back easily..
>>>> is there any solution to fix this? like a little button which just reverts
>>>> the apps or any way to just disable minimizing apps completely on windows?
>>>
>>> You're definitely not the first person to come across this, and it is
>>> easily reproducible. I've spent some time trying to find a good solution
>>> and have come up empty so far. The biggest challenge with regard to how
>>> Guacamole handles this is that RemoteApp support tends to assume that the
>>> local (client) window manager controls will be hidden and the remote
>>> (server) controls will be used to handle sizing and control of the actual
>>> application window. In a browser-based world, this isn't necessarily as
>>> straight-forward as it is in a more traditional RDP client -> RDP server
>>> world. There still seems to be some level of signaling between the RDP
>>> client and server, since minimizing a RemoteApp does result in the local
>>> window manager recognizing it as minimized, and clicking on it on the local
>>> taskbar restores it correctly.
>>>
>>> All that said, it seems like there probably is a way to handle it, but it's
>>> a matter of coming up with a good way in Guacamole to accomplish that
>>> signaling between the browser and the remote application, via guacd.
>>> Possible, but not necessarily easy.
>>>
>>> -Nick
AW: Re: remote-app (RDP) restore minimized apps
Alt+Enter does something else for me (it will show details of a file when I
have it highlighted in explorer.exe for example.
what I also tried is using "Task View"
%windir%\explorer.exe shell:::{3080F90E-D7AD-11D9-BD98-947B0257}
but this only seems to work on full-Desktop mode.. in app-mod eit just doesn't
do anything.
I think if this would work it would be th ebest solution for me..
so maybe soemone has an idea on how to get this to work?
‐‐‐ Original Message ‐‐‐
Antony Awaida schrieb am Montag, 10. Januar 2022 um 22:52:
> Hi there:
>
> A workaround is to have the user type Alt+Enter and this will re-open the
> minimized window.
>
> Cheers,
>
> Antony Awaida
> CEO
> www.apporto.com
>
> ᐧ
>
> On Sun, Jan 9, 2022 at 1:27 PM Nick Couchman wrote:
>
>> On Fri, Jan 7, 2022 at 12:23 PM International Security Providers
>> wrote:
>>
>>> hey everyone
>>>
>>> when I minimize an app which is launched using the "remote-app" with RDP. I
>>> cannot get it back easily..
>>> is there any solution to fix this? like a little button which just reverts
>>> the apps or any way to just disable minimizing apps completely on windows?
>>
>> You're definitely not the first person to come across this, and it is easily
>> reproducible. I've spent some time trying to find a good solution and have
>> come up empty so far. The biggest challenge with regard to how Guacamole
>> handles this is that RemoteApp support tends to assume that the local
>> (client) window manager controls will be hidden and the remote (server)
>> controls will be used to handle sizing and control of the actual application
>> window. In a browser-based world, this isn't necessarily as straight-forward
>> as it is in a more traditional RDP client -> RDP server world. There still
>> seems to be some level of signaling between the RDP client and server, since
>> minimizing a RemoteApp does result in the local window manager recognizing
>> it as minimized, and clicking on it on the local taskbar restores it
>> correctly.
>>
>> All that said, it seems like there probably is a way to handle it, but it's
>> a matter of coming up with a good way in Guacamole to accomplish that
>> signaling between the browser and the remote application, via guacd.
>> Possible, but not necessarily easy.
>>
>> -Nick
RDP performance
is there a way to tune Guacamole for better performance with RDP? I only use it with 2 users currently.. and it already lags after some time and is never as snappy as connecting using mstsc. the gucamole-vm is also already quite loaded with ressources.. it's running directly on ssd, has 12gb ram and 12 cpu cores.. I use this setup: https://github.com/8gears/containerized-guacamole
remote-app (RDP) restore minimized apps
hey everyone when I minimize an app which is launched using the "remote-app" with RDP. I cannot get it back easily.. is there any solution to fix this? like a little button which just reverts the apps or any way to just disable minimizing apps completely on windows? because the problem is, when I launc the app again it will open just a 2nd iteration of the same app in the same session.. so after a few times a user will open the same app many times and have it running in the background.
Re: [ANNOUNCE] Apache Guacamole 1.4.0
just wanted to verify that it's working now :) ‐‐‐ Original Message ‐‐‐ Mike Jumper schrieb am Freitag, 7. Januar 2022 um 01:37: > On Thu, Jan 6, 2022 at 3:50 PM Mike Jumper mjum...@apache.org wrote: > > > On Thu, Jan 6, 2022 at 3:30 PM International Security Providers > > > > internationalsecurityprovid...@protonmail.com.invalid wrote: > > > > > hey everyone, it's great to see the new release! > > > > > > I currently use a docker-setup and noticed that "latest" isn't 1.4 yet. > > > > > > will this happen soon, or should I change my tags to 1.4? > > > > It should already be 1.4.0. I think the Jenkins job that rebuilds the > > > > Docker images just hasn't been updated to point to 1.4.0, and it thus > > > > replaced the "latest" tag with the previous release. I'll verify the > > > > build and rerun. > > Things should now be correct. Let us know if you still see the wrong version. > > - Mike > > To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org > > For additional commands, e-mail: user-h...@guacamole.apache.org - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: [ANNOUNCE] Apache Guacamole 1.4.0
hey everyone, it's great to see the new release! I currently use a docker-setup and noticed that "latest" isn't 1.4 yet. will this happen soon, or should I change my tags to 1.4? ‐‐‐ Original Message ‐‐‐ Mike Jumper schrieb am Montag, 3. Januar 2022 um 06:28: > To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org > > For additional commands, e-mail: user-h...@guacamole.apache.org - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Good Dock for Windows Remote-App-Mode
In App-Mode I have the problem that as soon as I click on minimize, I cannot get my window back. Also when I start multiple Remote-Apps which reside on the same RDP, to use images in my clipboard between the apps for example I want to swithc between multiple open apps on there.. So I was trying a few app-docks now.. but either they use to much CPU or they can only launch apps but don't let me restore open windows (I want to launch them through guacamole) or you cannot hide/lock their settings from the user. maybe someone ha s a similar use-case and can share his setup? maybe it's possible to launch the builtin-taskbar wihtout launching an explorer-window and the desktop while disabling search etc.?
save a shared Password when using SSO
I just thought.. If it's only possible to do this with a system saving the cleartext password.. why not keep this only in guacamole? A working system could be like this: a selectable field that defines that the password for the user is stored. This password should then be stored for all connections (which have the field "shared password" activated) of the user on the guacamole server until it is wrong and then overwritten with the new password that the user enters. this would be very easy to implement for the admin as there is no additional configuration. and it would also only keep the password in cleartext ont he guacamole system which in my case is the only system, that needs a cleartext password.
SSO logout
anyone knows how to push this feature? I would say it' smore a bug than a feature.. as keeping myself logged-in on a public computer or something is pretty bad.. https://issues.apache.org/jira/browse/GUACAMOLE-1266
Re: using ${GUAC_PASSWORD} or similar with SSO (SAML)
where can I check my guacamole verison number when I have SAML enabled (otherwise it's on the login-page)? maybe there's a possibility to add something like a "MasterKey" for all users? ‐‐‐ Original Message ‐‐‐ Tim Worcester schrieb am Dienstag, 28. September 2021 um 13:11: > Unfortunately when you use an Identity Provider Guacamole itself never > handles the password (by design). > > Guacamole 1.3.0 released with the prompt feature where when configured for > SAML or OIDC RDP connections would send a prompt back to adhere to NLA. So > the user will need to enter their password again there. > > On Tue, Sep 28, 2021 at 6:39 AM International Security Providers > wrote: > >> Hey there >> >> I setup my Guacamole with SSO using SAML. >> I dont' think there's any way to pass the password.. but maybe there's some >> other way to authenticate the users against Windows RDP? >> >> best regards
using ${GUAC_PASSWORD} or similar with SSO (SAML)
Hey there I setup my Guacamole with SSO using SAML. I dont' think there's any way to pass the password.. but maybe there's some other way to authenticate the users against Windows RDP? best regards
