You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Michael Hutterer <Mi...@rohde-schwarz.com> on 2020/08/10 07:10:03 UTC
RE: [Newsletter] Antw: RDP not working after Guacamole 1.2.0
Upgrade
Hi,
From what the ticket tells me, the devs had some issues reproducing the problem.
We reverted to Guacamole 1.0.0 in the meantime, but the error discussed in the JIRA ticket was reliably reproduceable for me on our installation.
Can I help you collecting information about this? What’s the plan to overcome this behavior?
Or is there a workaround/migration idea to fix it moving from 1.0.0 to 1.2.0?
Regards,
Michael
From: Robert Bloch <bl...@ibi.tu-berlin.de>
Sent: Thursday, August 6, 2020 4:20 PM
To: user@guacamole.apache.org
Subject: *EXT* [Newsletter] Antw: RE: RDP not working after Guacamole 1.2.0 Upgrade
Hello Michael,
Do you have the same issue https://issues.apache.org/jira/projects/GUACAMOLE/issues/GUACAMOLE-942?filter=allopenissues?
Regrads,
>>> Michael Hutterer <Mi...@rohde-schwarz.com>> 06.08.2020 11:20 >>>
Hi Gabriel, Hi everyone,
I noticed the replys but sadly both didn’t help our prolem:
1. Win7 Issues with RDP => We deactivated all optimizations for our RDP, but this didn’t change any behavior
2. We are using the provided Containers from DockerHub, so changing the underlying OS shouldn’t be something that comes in mind here ?!
Can I provide any other information to find an idea on what doesn’t work here?
Regards,
Michael
From: Gabriel Huerta Araujo <hu...@globalhitss.com.INVALID>>
Sent: Wednesday, August 5, 2020 4:18 PM
To: user@guacamole.apache.org<ma...@guacamole.apache.org>
Subject: *EXT* [Newsletter] RE: RDP not working after Guacamole 1.2.0 Upgrade
My user had same problem. Solution is whether using Fedora instead of Ubuntu.
Regards.
De: Michael Hutterer <Mi...@rohde-schwarz.com>>
Enviado el: miércoles, 05 de agosto de 2020 07:33 a.m.
Para: user@guacamole.apache.org<ma...@guacamole.apache.org>
Asunto: RE: RDP not working after Guacamole 1.2.0 Upgrade
Hi everyone,
I’m very sorry to bother you again, but we didn’t succeed in figuring out, what prevents guacamole from working with RDP connections after the 1.0.0 -> 1.2.0 Update. (See below)
BTW: We are using the Containers from DockerHub, but not with a root user but an arbitrary userId.
Directory-Permissions are set based on group permissions for this user, e.g. to allow writing to the home-directory for FreeRDP.
Can you have a look at my error description and possibly provide some ideas on how to proceed?
Regards,
Michael
From: Hutterer Michael 1DS5
Sent: Tuesday, July 28, 2020 12:27 PM
To: 'user@guacamole.apache.org' <us...@guacamole.apache.org>>
Subject: RDP not working after Guacamole 1.2.0 Upgrade /cr/
Hi everyone,
We were looking into updating our Guacamole Installation from 1.0.0 to 1.2.0. Up until now Guacamole worked like a charm 😊
Reading the Changelogs I noticed that the home-directory of the guacd user needs to be writable, which we managed to achieve. So this common pit fall seems to be avoided since we are not getting the Warning about “FreeRDP 2.0 needs to have write access to the home directory” in our logs anymore.
However, RDP connections are still not working, while VNC connections are fine.
The browser UI doesn’t succeed to connect to the RDP hosts giving us the message: “The remote desktop server is currently unreachable. If the problem persists, please notify your system administrator, or check your system logs.”
I did make sure, that the RDP host is indeed ready to accept sessions, before the update those hosts worked fine with Guacamole 1.0.0.
From the network Tab of the Browser I see, that a certain requests always fails:
https://{GuacamoleHost}/api/session/tunnels/51422b95-c6b8-4984-9431-cd054e05d18e/activeConnection/connection/sharingProfiles?token=88A946C3B949C5060041E28DC1D5E8477848553205D6E7E42B8E07A8C25E343B<https://%7bGuacamoleHost%7d/api/session/tunnels/51422b95-c6b8-4984-9431-cd054e05d18e/activeConnection/connection/sharingProfiles?token=88A946C3B949C5060041E28DC1D5E8477848553205D6E7E42B8E07A8C25E343B>
The request fails with a 404 status code and the following response content:
1. {message: "No readable active connection for tunnel.",…}
* expected: null
* message: "No readable active connection for tunnel."
* statusCode: null
* translatableMessage: {key: "APP.TEXT_UNTRANSLATED", variables: {MESSAGE: "No readable active connection for tunnel."}}
* key: "APP.TEXT_UNTRANSLATED"
* variables: {MESSAGE: "No readable active connection for tunnel."}
* MESSAGE: "No readable active connection for tunnel."
* type: "NOT_FOUND"
Sometime also:
1. {message: "No such tunnel.",…}
* expected: null
* message: "No such tunnel."
* statusCode: null
* translatableMessage: {key: "APP.TEXT_UNTRANSLATED", variables: {MESSAGE: "No such tunnel."}}
* key: "APP.TEXT_UNTRANSLATED"
* variables: {MESSAGE: "No such tunnel."}
* type: "NOT_FOUND"
Our backend produces the logs I attached below.
I am not sure if the 404 response is part of the problem or just a symptom, since the tunnel is closed immediately in the backend, so that the slightly later sharingProfile-Request hits the backend when the session is already closed/delete again.+
From the Guacamole logs we see, that after only 55 milliseconds the tunnel gets disconnected. But the next message “Unexpected internal error:” and the following log don’t give a clear hint on how I could fix this issue?!
Can anybody relate of has an idea, on how we can get our Guacamole instance working with RDP again?
Regards,
Michael
Guacamole Logs:
10:07:05.099 [http-nio-8080-exec-9] INFO o.a.g.tunnel.TunnelRequestService - User "5440c916-6c02-4039-a574-4ea281d4b302" connected to connection "1817".
10:07:05.154 [http-nio-8080-exec-7] INFO o.a.g.tunnel.TunnelRequestService - User "5440c916-6c02-4039-a574-4ea281d4b302" disconnected from connection "1817". Duration: 55 milliseconds
10:07:05.319 [http-nio-8080-exec-1] ERROR o.a.g.rest.RESTExceptionMapper - Unexpected internal error:
### Error querying database. Cause: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AND
(
guacamole_connection_permission.entity_id = 9
' at line 19
### The error may exist in org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml
### The error may involve defaultParameterMap
### The error occurred while setting parameters
### SQL: SELECT guacamole_connection.connection_id, guacamole_connection.connection_name, parent_id, protocol, max_connections, max_connections_per_user, proxy_hostname, proxy_port, proxy_encryption_method, connection_weight, failover_only, MAX(start_date) AS last_active FROM guacamole_connection JOIN guacamole_connection_permission ON guacamole_connection_permission.connection_id = guacamole_connection.connection_id LEFT JOIN guacamole_connection_history ON guacamole_connection_history.connection_id = guacamole_connection.connection_id WHERE guacamole_connection.connection_id IN AND ( guacamole_connection_permission.entity_id = ? ) AND permission = 'READ' GROUP BY guacamole_connection.connection_id; SELECT primary_connection_id, guacamole_sharing_profile.sharing_profile_id FROM guacamole_sharing_profile JOIN guacamole_sharing_profile_permission ON guacamole_sharing_profile_permission.sharing_profile_id = guacamole_sharing_profile.sharing_profile_id WHERE primary_connection_id IN AND ( entity_id = ? ) AND permission = 'READ'; SELECT guacamole_connection_attribute.connection_id, attribute_name, attribute_value FROM guacamole_connection_attribute JOIN guacamole_connection_permission ON guacamole_connection_permission.connection_id = guacamole_connection_attribute.connection_id WHERE guacamole_connection_attribute.connection_id IN AND ( entity_id = ? ) AND permission = 'READ';
### Cause: com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'AND
(
guacamole_connection_permission.entity_id = 9
' at line 19
Guacd Logs:
guacd[9]: INFO: Creating new client for protocol "rdp"
guacd[9]: INFO: Connection ID is "$24c26fab-26d5-4572-8100-0c12f0708891"
guacd[1460]: INFO: Security mode: Negotiate (ANY)
guacd[1460]: INFO: Resize method: none
guacd[1460]: INFO: User "@12692a97-478b-4563-b0b0-e332fd47042d" joined connection "$24c26fab-26d5-4572-8100-0c12f0708891" (1 users now present)
guacd[1460]: INFO: Loading keymap "base"
guacd[1460]: INFO: Loading keymap "en-us-qwerty"
guacd[1460]: ERROR: Error connecting to RDP server
guacd[1460]: INFO: User "@12692a97-478b-4563-b0b0-e332fd47042d" disconnected (0 users remain)
guacd[1460]: INFO: Last user of connection "$24c26fab-26d5-4572-8100-0c12f0708891" disconnected
guacd[9]: INFO: Connection "$24c26fab-26d5-4572-8100-0c12f0708891" removed.
Content provided within this e-mail including any attachments, is for the use of the intended recipients and may contain Rohde & Schwarz company restricted information. Any unauthorized use, disclosure, or distribution of this communication in whole or in part is strictly prohibited. If you are not the intended recipient, please notify the sender by reply email or by telephone and delete the communication in its entirety.
Content provided within this e-mail including any attachments, is for the use of the intended recipients and may contain Rohde & Schwarz company restricted information. Any unauthorized use, disclosure, or distribution of this communication in whole or in part is strictly prohibited. If you are not the intended recipient, please notify the sender by reply email or by telephone and delete the communication in its entirety.
Content provided within this e-mail including any attachments, is for the use of the intended recipients and may contain Rohde & Schwarz company restricted information. Any unauthorized use, disclosure, or distribution of this communication in whole or in part is strictly prohibited. If you are not the intended recipient, please notify the sender by reply email or by telephone and delete the communication in its entirety.