On Thu, Oct 12, 2017 at 2:33 PM, Carter Sema <cs...@acschools.org> wrote:
> OK! That seemed to work… But now there another error.
>
> When trying to connect to a machine it says “
>
> The remote desktop server is currently unreachable. If the problem
> persists, please notify your system administrator, or check your system
> logs.”
>
>
>
> And catalina.out says-
>
> “Thu Oct 12 14:19:21 EDT 2017 WARN: Establishing SSL connection without
> server's identity verification is not recommended. According to MySQL
> 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be established
> by default if explicit option isn't set. For compliance with existing
> applications not using SSL the verifyServerCertificate property is set to
> 'false'. You need either to explicitly disable SSL by setting useSSL=false,
> or set useSSL=true and provide truststore for server certificate
> verification.
>
>
>
> I don’t think the SQL error is causing the problem, but I might be wrong..
>
>
>
Check /var/log/messages or journalctl, depending on your Linux distro, to
see what the error is from guacd. The catalina.out file will tell you the
errors for the gaucamole-client stuff, but the error you're getting seems
to be coming from the guacamole-server side, when it tries to make the
connection via RDP.
One thing I've noticed in my experience with Guacamole + RDP - if you're
using Windows 8 or newer or Windows 2012 or newer, NLA is required by
default. If you've saved your username/password in Guacamole and have
turned on NLA, this will work - otherwise, if you have not saved your
credentials, and/or not enabled NLA, you might receive that error message.
You'll either need to relax Windows' restrictions on RDP connections such
that you can connect with older RDP clients, or you'll need to save your
credentials in the connection info. The other option is to log in to
Guacamole with the same credentials you'd use to connect to Windows (enable
LDAP authentication module, or set your username/password the same) and
then use the ${GUAC_USERNAME} and ${GUAC_PASSWORD} tokens to pass the
authentication information through. Hopefully at some point we'll get
parameter prompting into the Guacamole Client, which will allow for the
preferred combination: Use NLA, don't save credentials, but allow user to
enter credentials at connection time. Again, not sure if that's what
you're running into, but it could be.
-Nick
