You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Chris Miller <cj...@tryx.org> on 2016/10/21 18:47:55 UTC
Windows server
Hi Folks,
I have guacamole 0.9.9 up and running on Centos 7. My desktops connect with RDP effortlessly, but my domain controllers running Windows Server 2008r2 and Windows Server 2012r2 will not accept connections. After I log in and get my page of configured connections, and I select one of the Domain Controllers, I get a message, "The remote desktop server encountered an error and has closed the connection. Please try again or contact your system administrator."
I find no traces in the event log, so I'm flying blind here. Can anybody suggest where to look for clues about the discontent of my Windows Server boxes?
--
Chris.
V:916.974.0424
F:916.974.0428
Re: Windows server
Posted by Chris Miller <cj...@tryx.org>.
Hi Mike,
| Are those servers perhaps configured to require NLA?
| https://technet.microsoft.com/en-us/library/cc732713(v=ws.11).aspx
| If so, you would need to either configure the RDP servers to allow non-NLA
| connections, or configure Guacamole to use NLA, which will require specifying
| the username/password in the connection parameters:
| http://guacamole.incubator.apache.org/doc/gug/configuring-guacamole.html#rdp-authentication
| I believe Windows Server 2012 may additionally require that all connections use
| TLS, so if things still don't work there, explicitly specifying "tls" for the
| security mode in the connection parameters may help. If the cert used for TLS
| cannot be verified (ie: it's self-signed), you may also need to set
| "ignore-cert" to "true".
Thanks very much. This is very helpful. I'll investigate each of these points and report my results.
--
Chris.
V:916.974.0424
F:916.974.0428
Re: Windows server
Posted by Mike Jumper <mi...@guac-dev.org>.
On Fri, Oct 21, 2016 at 11:47 AM, Chris Miller <cj...@tryx.org> wrote:
> Hi Folks,
>
> I have guacamole 0.9.9 up and running on Centos 7. My desktops connect
> with RDP effortlessly, but my domain controllers running Windows Server
> 2008r2 and Windows Server 2012r2 will not accept connections. After I log
> in and get my page of configured connections, and I select one of the
> Domain Controllers, I get a message, "The remote desktop server encountered
> an error and has closed the connection. Please try again or contact your
> system administrator."
>
> I find no traces in the event log, so I'm flying blind here. Can anybody
> suggest where to look for clues about the discontent of my Windows Server
> boxes?
>
>
Are those servers perhaps configured to require NLA?
https://technet.microsoft.com/en-us/library/cc732713(v=ws.11).aspx
If so, you would need to either configure the RDP servers to allow non-NLA
connections, or configure Guacamole to use NLA, which will require
specifying the username/password in the connection parameters:
http://guacamole.incubator.apache.org/doc/gug/configuring-guacamole.html#rdp-authentication
I believe Windows Server 2012 may additionally require that all connections
use TLS, so if things still don't work there, explicitly specifying "tls"
for the security mode in the connection parameters may help. If the cert
used for TLS cannot be verified (ie: it's self-signed), you may also need
to set "ignore-cert" to "true".
- Mike
Re: Windows server
Posted by Chris Miller <cj...@tryx.org>.
Hi Omar,
| I have workstations and servers configured just fine. I don't think I had to do
| anything special for domain controllers. Are you connecting with a user who is
| a member of "Domain Admins"?
Yes. Well, I am logging on to the web page with my "user" credentials, but user-mapping.xml specifies the credentials of a domain administrator, so I'm pretty sure the answer to your question is, "Yes.".
--
Chris.
V:916.974.0424
F:916.974.0428
Re: Windows server
Posted by Omar Sandoval <om...@gmail.com>.
I have workstations and servers configured just fine. I don't think I had
to do anything special for domain controllers. Are you connecting with a
user who is a member of "Domain Admins"?
On Fri, Oct 21, 2016 at 11:48 AM Chris Miller <cj...@tryx.org> wrote:
> Hi Folks,
>
> I have guacamole 0.9.9 up and running on Centos 7. My desktops connect
> with RDP effortlessly, but my domain controllers running Windows Server
> 2008r2 and Windows Server 2012r2 will not accept connections. After I log
> in and get my page of configured connections, and I select one of the
> Domain Controllers, I get a message, "The remote desktop server encountered
> an error and has closed the connection. Please try again or contact your
> system administrator."
>
> I find no traces in the event log, so I'm flying blind here. Can anybody
> suggest where to look for clues about the discontent of my Windows Server
> boxes?
> --
> Chris.
>
> V:916.974.0424 <(916)%20974-0424>
> F:916.974.0428 <(916)%20974-0428>
>