Appears you have Security mode: NLA enabled, you can either make sure
the Windows VDI/system has it enabled or disable on both ends. It
provides no real protection and is being depreciated by Microsoft.
*Thank You*
Sean Hulbert
*Security Centric Inc.*
A Cybersecurity Virtualization Enablement Company
/StormCloud Gov, Protected CUI Environment!/
Industry's most secure CMMC virtual desktops!
*/FedRAMP MIL4 in process (RAR)/*
System Award Management
*CAGE: 8AUV4*
*SAM ID: UMJLJ8A7BMT3*
AFCEA San Francisco Chapter President
If you have heard of a hacker by name, he/she has failed, fear the
hacker you haven’t heard of!
CONFIDENTIALITY NOTICE: This communication with its contents may contain
confidential and/or legally privileged information. It is solely for the
use of the intended recipient(s). Unauthorized interception, review, use
or disclosure is prohibited and may violate applicable laws including
the Electronic Communications Privacy Act. If you are not the intended
recipient, please contact the sender and destroy all copies of the
communication. Content within this email communication is not legally
binding as a contract and no promises are guaranteed unless in a formal
contract outside this email communication.
igitur qui desiderat pacem, praeparet bellum!!!
Epitoma Rei Militaris
On 7/23/2024 8:44 AM, Brad Turnbough wrote:
I should add the following:
Ubuntu 20.04
Guac 1.5.0
I created a whole new connection in Guac – no change in outcome.
Here is output of /var/log/syslog for the connection (tail –f
/var/log/syslog | grep –I guacd)
Jul 23 10:37:09 knx-guacamole-01 guacd[831]: Creating new client for
protocol "rdp"
Jul 23 10:37:09 knx-guacamole-01 guacd[831]: Connection ID is
"$9a8cb86d-bd6f-4f69-b871-6952461a1129"
Jul 23 10:37:09 knx-guacamole-01 guacd[667528]: Security mode: NLA
Jul 23 10:37:09 knx-guacamole-01 guacd[667528]: Resize method: none
Jul 23 10:37:09 knx-guacamole-01 guacd[667528]: No clipboard
line-ending normalization specified. Defaulting to preserving the
format of all line endings.
Jul 23 10:37:09 knx-guacamole-01 guacd[667528]: User
"@14b966a9-36c7-4b89-aa77-d8966ad6ae88" joined connection
"$9a8cb86d-bd6f-4f69-b871-6952461a1129" (1 users now present)
Jul 23 10:37:09 knx-guacamole-01 guacd[667528]: Loading keymap "base"
Jul 23 10:37:09 knx-guacamole-01 guacd[667528]: Loading keymap
"en-us-qwerty"
Jul 23 10:37:20 knx-guacamole-01 guacd[831]: Creating new client for
protocol "rdp"
Jul 23 10:37:20 knx-guacamole-01 guacd[831]: Connection ID is
"$89ab8eb3-b5a5-431f-816f-fa7393db319f"
Jul 23 10:37:20 knx-guacamole-01 guacd[667554]: Security mode: NLA
Jul 23 10:37:20 knx-guacamole-01 guacd[667554]: Resize method: none
Jul 23 10:37:20 knx-guacamole-01 guacd[667554]: No clipboard
line-ending normalization specified. Defaulting to preserving the
format of all line endings.
Jul 23 10:37:20 knx-guacamole-01 guacd[667554]: User
"@6386d3c3-cee0-4689-bc52-b10b48d9e9a5" joined connection
"$89ab8eb3-b5a5-431f-816f-fa7393db319f" (1 users now present)
Jul 23 10:37:20 knx-guacamole-01 guacd[667554]: Loading keymap "base"
Jul 23 10:37:20 knx-guacamole-01 guacd[667554]: Loading keymap
"en-us-qwerty"
Jul 23 10:37:27 knx-guacamole-01 guacd[667528]: RDP server
closed/refused connection: Disconnected.
Jul 23 10:37:29 knx-guacamole-01 guacd[667528]: User
"@14b966a9-36c7-4b89-aa77-d8966ad6ae88" disconnected (0 users remain)
Jul 23 10:37:29 knx-guacamole-01 guacd[667528]: Last user of
connection "$9a8cb86d-bd6f-4f69-b871-6952461a1129" disconnected
Jul 23 10:37:29 knx-guacamole-01 guacd[831]: Connection
"$9a8cb86d-bd6f-4f69-b871-6952461a1129" removed.
Jul 23 10:37:30 knx-guacamole-01 guacd[667554]: Connected to RDPDR
1.13 as client 0x0025
Jul 23 10:37:34 knx-guacamole-01 guacd[667554]: RDPDR user logged on
Thank you,
*Brad Turnbough*
Senior Technology Analyst
P: 309.272.2739 F: 309.272.2839
www.betterbanks.com <http://www.betterbanks.com/>
www.statestreetbank.com <http://www.statestreetbank.com>
NOTICE: The information contained in this email and any document
attached hereto is intended only for the named recipient(s). If you
are not the intended recipient, nor the employee or agent responsible
for delivering this message in confidence to the intended
recipient(s), you are hereby notified that you have received this
transmittal in error, and any review, dissemination, distribution or
copying of this transmittal or its attachments is strictly prohibited.
If you have received this transmittal and/or attachments in error,
please notify me immediately by reply e-mail and then delete this
message, including any attachments.
*From:* Brad Turnbough <bturnbo...@backlundinvestment.com>
*Sent:* Tuesday, July 23, 2024 10:31 AM
*To:* user@guacamole.apache.org
*Subject:* Assistance in troubleshooting unsuccessful RDP Connection
An RDP connection that was previously working is now no longer
working. We have probably around 60 RDP connections configured and
this is the only one not operating correctly.
I have verified that I can indeed still RDP into the box using the
windows native RDP client.
What logs / debug flags / etc… need to be turned on and collected in
order to provide meaningful information to troubleshoot and fix this
issue?
Thanks,
Brad
