On Wed, Jun 11, 2025 at 3:09 PM D A <[email protected]> wrote: > Hi, > > I have a requirement to connect via RDP to various windows endpoints that > have NLA enabled. In guacamole I'm providing a username and password, and > have the ignore certificate option select. I'm setting the connection > security type to nla. > > However, the connection to each endpoint fails. I've attempted this with > multiple guacamole deployments and windows endpoints. The endpoints are not > domain joined, so I'm not providing a domain. > > Are there any settings that are required for RDP connections via NLA to > function? >
One thing that has caused problems for folks in the past is that the default user account that is specified in the provided init and systemd scripts for guacd (daemon) does not generally have write access to its home directory (often /usr/sbin), and RDP connections can fail if the FreeRDP library cannot write a known_hosts file to its home directory. > > Are there any specific logs that I can investigate? Any suggestions would > be awesome to hear. > > Yes, look at the logs for guacd - either in your syslog (/var/log/messages, journalctl, etc.) or via the container log facility (if you're running in Docker, Podman, etc.). If there's nothing obvious in those logs then try starting guacd with a higher log level and see if you get anything else. -Nick
