RE: MFA on RDP
Hi Nick, Well at least I do have some solid information to work with, I agree its not a good solution. But I guess we will be able to get some workaround for this. Thanks for the info, threat can be closed. Kind regards, Wesley. From: Nick Couchman Sent: Friday, May 29, 2020 1:55 PM To: user@guacamole.apache.org Subject: Re: MFA on RDP On Wed, May 27, 2020 at 3:35 AM Wesley de Graaf mailto:wes...@workspace365.net>> wrote: Hi, Sometimes we encounter an issue with the default timeout on the RDP connection in the guacamole. As far as we know the default is 15 seconds. But in some cases a user has to give an MFA consent on RDP connection and then the 15 seconds are to short and the connection is closed and reconnect attempt is started. Does anyone have a suggestion for this? This is something I've looked into in the past - in fact, I have a JIRA issue opened for the ability to configure timeouts. Unfortunately, the way RDP support works in Guacamole, leveraging the FreeRDP libraries, it relies on the FreeRDP libraries for the ability to set things like timeout, and the FreeRDP library does not support that, and they have basically refused to implement it. So, I'm not sure there's a good answer for this today, except to educate users that they'd better have MFA ready when they log in so that they can hit that 15 second window. And, yes, I know that's not a good answer -Nick
Re: MFA on RDP
On Wed, May 27, 2020 at 3:35 AM Wesley de Graaf wrote: > Hi, > > > > Sometimes we encounter an issue with the default timeout on the RDP > connection in the guacamole. As far as we know the default is 15 seconds. > But in some cases a user has to give an MFA consent on RDP connection and > then the 15 seconds are to short and the connection is closed and reconnect > attempt is started. > > > > Does anyone have a suggestion for this? > > > This is something I've looked into in the past - in fact, I have a JIRA issue opened for the ability to configure timeouts. Unfortunately, the way RDP support works in Guacamole, leveraging the FreeRDP libraries, it relies on the FreeRDP libraries for the ability to set things like timeout, and the FreeRDP library does not support that, and they have basically refused to implement it. So, I'm not sure there's a good answer for this today, except to educate users that they'd better have MFA ready when they log in so that they can hit that 15 second window. And, yes, I know that's not a good answer -Nick >
MFA on RDP
Hi, Sometimes we encounter an issue with the default timeout on the RDP connection in the guacamole. As far as we know the default is 15 seconds. But in some cases a user has to give an MFA consent on RDP connection and then the 15 seconds are to short and the connection is closed and reconnect attempt is started. Does anyone have a suggestion for this? Kind regards, Wesley
