Re:rdp initial program
And I notice there is another config param, named remoteApp. It work on windows rdp with this tool. kimmknight/remoteapptool: Create and manage RemoteApps hosted on Windows 7, 8, 10, 11, XP and Server. Generate RDP and MSI files for clients. (github.com) So, which type RDP support initial-program? Does windows rdp support initial-program? What difference betweed initial-program and remoteApp? THX At 2024-03-04 15:05:38, "Simon" wrote: hi, I have a windows rdp connection, it worked well. But, it does not work when i give a config for initial program. My pc's system is Windows 11 Enterprise, and conf initial-program with C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE . It just connect rdp, no app launch when connect on. thx
rdp initial program
hi, I have a windows rdp connection, it worked well. But, it does not work when i give a config for initial program. My pc's system is Windows 11 Enterprise, and conf initial-program with C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE . It just connect rdp, no app launch when connect on. thx
guac 1.5.0 failed to access vnc
hi, I have run guac in docker, version 1.5.0 and in db model.
Error SSL_ERROR_RX_RECORD_TOO_LONG in browser
_I run the following docker container: mariadb, guacd, guacamole.
_Connected everythin as mentioned in the docu.
_These are the running container:
simon@simon-itx:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
91369524edf5 guacamole/guacamole "/opt/guacamole/bin/…" 8 minutes
ago Up 8 minutes 0.0.0.0:8085->8080/tcp,
:::8085->8080/tcp guacamole
d1154826a495 guacamole/guacd "/bin/sh -c '/usr/lo…" 29
minutes ago Up 29 minutes (healthy) 4822/tcp some-guacd
049356de6e39 phpmyadmin "/docker-entrypoint.…" About an hour ago
Up About an hour 0.0.0.0:8084->80/tcp, :::8084->80/tcp
phpmyadmin
3f4885e4541b mariadb:latest "docker-entrypoint.s…" 2 hours
ago Up 2 hours 3306/tcp
mariadb
_This is the error in the browser:
_SSL_ERROR_RX_RECORD_TOO_LONG
_This is my logs of guacamole
_29-Sep-2022 15:01:24.348 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Server version
name: Apache Tomcat/8.5.82
_29-Sep-2022 15:01:24.354 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Server built:
Aug 8 2022 21:26:07 UTC
_29-Sep-2022 15:01:24.355 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Server version
number: 8.5.82.0
_29-Sep-2022 15:01:24.355 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log OS Name:
Linux
_29-Sep-2022 15:01:24.355 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log OS Version:
5.15.0-48-generic
_29-Sep-2022 15:01:24.355 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Architecture:
amd64
_29-Sep-2022 15:01:24.356 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Java Home:
/opt/java/openjdk/jre
_29-Sep-2022 15:01:24.356 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log JVM Version:
1.8.0_345-b01
_29-Sep-2022 15:01:24.356 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor:
Temurin
_29-Sep-2022 15:01:24.356 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE:
/home/guacamole/tomcat
_29-Sep-2022 15:01:24.356 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME:
/usr/local/tomcat
_29-Sep-2022 15:01:24.357 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line
argument:
-Djava.util.logging.config.file=/home/guacamole/tomcat/conf/logging.properties
_29-Sep-2022 15:01:24.357 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line
argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
_29-Sep-2022 15:01:24.358 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line
argument: -Djdk.tls.ephemeralDHKeySize=2048
_29-Sep-2022 15:01:24.358 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line
argument: -Djava.protocol.handler.pkgs=org.apache.catalina.webresources
_29-Sep-2022 15:01:24.361 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line
argument: -Dorg.apache.catalina.security.SecurityListener.UMASK=0027
_29-Sep-2022 15:01:24.361 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line
argument: -Dignore.endorsed.dirs=
_29-Sep-2022 15:01:24.362 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line
argument: -Dcatalina.base=/home/guacamole/tomcat
_29-Sep-2022 15:01:24.362 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line
argument: -Dcatalina.home=/usr/local/tomcat
_29-Sep-2022 15:01:24.362 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line
argument: -Djava.io.tmpdir=/home/guacamole/tomcat/temp
_29-Sep-2022 15:01:24.362 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded
Apache Tomcat Native library [1.2.35] using APR version [1.7.0].
_29-Sep-2022 15:01:24.363 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
capabilities: IPv6 [true], sendfile [true], accept filters [false],
random [true], UDS [\{4}].
_29-Sep-2022 15:01:24.363 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL
configuration: useAprConnector [false], useOpenSSL [true]
_29-Sep-2022 15:01:24.379 INFO [main]
org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL
successfully initialized [OpenSSL 3.0.2 15 Mar 2022]
_29-Sep-2022 15:01:24.616 INFO [main]
org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler
["http-nio-8080"]
_29-Sep-2022 15:01:24.676 INFO [main]
org.apache.catalina.startup.Catalina.load Initializat
Re:Re: when AuthenticationFailureEvent happen, redirect to other website
thanks . I have no idea about, pls more details. 在 2022-03-01 23:19:09,"Nick Couchman" 写道: On Tue, Mar 1, 2022 at 3:13 AM Simon wrote: hello, I build a authentication provider guac-ext. sometimes, authenticate failed, I notices that, guac-ext provide `Listener`. when I handle AuthenticationFailureEvent, can i redirect this request to other website, like google.com. I don't think the event listener can trigger a redirect, I think you'd need to do that with an AuthenticationProvider. -Nick
is there any method to remove "guacamole" in web url
hello, in default, we visit guac in browser, root web rul contain "guacamole". is there any method to remove "guacamole" in web url? thx
when AuthenticationFailureEvent happen, redirect to other website
hello, I build a authentication provider guac-ext. sometimes, authenticate failed, I notices that, guac-ext provide `Listener`. when I handle AuthenticationFailureEvent, can i redirect this request to other website, like google.com. thx
Re:Re: Help Graphical session recording
thanks a lot. Is 'guacenc' build on ffmpeg? I use ffmpeg to convert recording file to mp4 failed. ``` ffmpeg -i output.mp4 ``` can I deal recording file laike this? and how? thanks 在 2022-02-13 20:36:40,"Nick Couchman" 写道: On Sat, Feb 12, 2022 at 11:26 PM miao wrote: Hello, I run Guacamole in docker, and generate Graphical session recording with no suffix. How can I use “gugaenc” tool to trans recording file to mp4? Two container has no “gugaenc” tool. The correct name of the tool is guacenc. That side, the guacd Docker container is not built with ffmpeg libraries, so guacenc support is not built. If you want that, you'll need to download the source code for guacd (guacamole-server) and install the required ffmpeg libraries and build guacenc that way. And can guacd generate recording file with mp4 suffix? You can set the suffix to whatever you like, but guacd cannot generate a MP4 recording file directly - guacenc is required to convert the raw Guacamole protocol dumps that guacd generates to MP4. -Nick
guacamole-ext authentication provider, when failed, redirect to third part web
hello, I'm wording to build my authentication provider ext. then, I extends SimpleAuthenticationProvider class to make it. while all auth params config is ok, it work well. now, what I want is, when my AuthenticationProvier work error, can I redirect wrong web page to third pard web url, like company homepage. what can should i do thanks.
Re:Re: Fw:ssh typescripts recording
thanks . but there another issue. here is guacd log ``` guacd[8]: INFO: Connection "$1b98e104-5690-4678-a8e8-a2b3101b" removed. guacd[8]: INFO: Creating new client for protocol "ssh" guacd[8]: INFO: Connection ID is "$9723599a-bbf3-49e1-8262-fe04a1c6bb6a" guacd[3235]: INFO: User "@d2be2022-cbfc-4f16-9300-6a036f153a14" joined connection "$9723599a-bbf3-49e1-8262-fe04a1c6bb6a" (1 users now present) guacd[3235]: ERROR: Creation of recording failed: No such file or directory guacd[3235]: ERROR: Creation of typescript failed: No such file or directory ``` it shoud be create dir auto as i config 在 2022-01-26 16:03:40,"Mike Jumper" 写道: On Tue, Jan 25, 2022, 23:59 Simon wrote: Forwarding messages From: "Simon" Date: 2022-01-26 15:06:00 To: user@guacamole.apache.org Subject: ssh typescripts recording hello, I run guacamole 1.4.0 in docker, with mysql authentication. I have linked my remote server by ssh, and then i want generate typescripts files.I make config for that in guacamole admin, but typescript didn't appear. here are my env, and config docker containers in guacamole container ``` $ pwd /home/guacamole $ ls -l total 8 drwxrwxrwx 2 guacamole guacamole 4096 Jan 26 06:37 recording drwxr-xr-x 7 guacamole guacamole 4096 Jan 24 02:37 tomcat $ ``` in guacamole admin then I make a connection, and do some coding but in docker container has noting generte. ``` $ pwd /home/guacamole/recording $ ls $ ``` anything I do wrong? please help me with it. It is guacd that writes the recordings and typescripts, not the Guacamole webapp/container. - Mike
RE: saml-group-attribute
This has helped me a lot, finally I can get my users mapped to groups. I just used Group instead of Role but the important part is to fill "saml-group-attribute" with the full url. Thanks alot! Btw, is there any table which claims my IdP would have to provide in order to fill the fields for my user's email address, organization, full name and so forth? -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
Re: SAML SP Metadata
You do not necessarily provide SP Metadata to your IdP, it's optional. If you really have to implement this you need to create the metadata.xml and make it (publicly) available to your IdP. The important part is that you can reach your IdP's metadata.xml and this URL has to be entered as value for the "saml-idp-metadata-url" key. The parameter to only accept signed SamlResponses is "saml-strict: true" in your guacamole.properties file, it's up to the SP to decide if it accepts signed or unsigned responses from the IdP. As ACS URL you can tell your IdP to use the FQDN of Guacamole like a user accessing your guacamole instance would type it. Regards, Simon Müller -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
RE: [EXTERNAL] Re: SAML Authentication Extension Group Membership
Hey there, I am also trying to find a solution for this topic. Thanks to you, Ariel, I have successfully achieved logging in by transforming the claim in my IdP (ADFS) to Name Id - Format "Email-Address". Now I am struggling with the fact that for every user logging in, I would have to add them manually to a group and also add every connection to every group manually. That's where saml-group-attribute could come in handy...So I configured "Send group membership as claim" as an additional claim issuance rule and the debug messages look promising so far: In my guacamole.properties, I explicitly set "saml-group-attribute: Group" Of course I created this particular group beforehand in my guacamole-server currently backed by mysql. It seems the attributes are not honored at all. It would be really great if I could fill a mininum of attributes like "Full Name","E-Mail","Organization", "Department". Another question that arises: How can I still use the REST API with the saml-auth enabled? In Jira I read something about the idea to provide an extra button for the SSO authentication so that you can still login with local users. Is there any intel when and if this will be possible in the future? PS: Logging out currently is not possible at all, am I right? But that is my least concern. ;) -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ - To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
[Help] Enabling TOTP Plugin with Docker
Hi, i have some trouble with enabling the TOTP plugin for a Docker installation. The guacamole without TOTP extension runs fine. So, after that, i did the following: - I defined a GUACAMOLE_HOME, say: /config - I mounted a host folder to /config - I placed the jar inside the host folder and finally started the container I can confirm that the container startup script copys the extension from /config to /root/.guacamole which apparently is the real guacamole home. After that, i try to access guacamole from my browser and have problems now: After a login, i only get a message: TOTP.INFO_ENROLL_REQUIRED and a Next-Button. Clicking on the button spawns a red flash message, saying TOTP.INFO_VERIFICATION_FAILED. Additional info: I use MySQL as an auth backend, and the user is allowed to set their own password. The log file has no visible errors, only some "auth successful" messages when i do the first user/password login step. For me it seems that guacamole is able to load the extension, but instead of spawning the QR code and other items, i only get these error messages. I have no idea, why, and am kindly asking for help because of this. Thank you very much and best regards, Simon
