search

MysticRyuujin / guac-install

Script for installing Guacamole on Ubuntu
976 stars 270 forks source link

RDP Errors #233

Open CastilhosR opened 1 year ago

CastilhosR commented 1 year ago

Hi ! I'm using Apache Guacamole v 1.4.0 in a Ubuntu Lunix, 22.04. Linux server 5.15.0-53-generic #59-Ubuntu SMP x86_64 x86_64 x86_64 GNU/Linux.

I installed it as instructed in this project, with authentication over MySql.

After the basic settings, it was possible to make successfully connections using VNC and SSH protocol.

However, connections using RDP protocol always fail.

The error message allways is: "RDP server closed/refused connection: SSL/TLS connection failed (untrusted/self-signed certificate?)"


Nov 30 11:09:44 server guacd[78917]: Creating new client for protocol "rdp"
Nov 30 11:09:44 server guacd[78917]: Connection ID is "$c38e553a-707f-4d1f-ad8c-ce7223e140dc"
Nov 30 11:09:44 server guacd[79111]: Security mode: Negotiate (ANY)
Nov 30 11:09:44 server guacd[79111]: Resize method: none
Nov 30 11:09:44 server guacd[79111]: No clipboard line-ending normalization specified. Defaulting to preserving the format of all line endings.
Nov 30 11:09:44 server guacd[79111]: User "@ac69d743-49e8-4eb7-b8b6-2430ec9ee5f4" joined connection "$c38e553a-707f-4d1f-ad8c-ce7223e140dc" (1 users now present)
Nov 30 11:09:44 server guacd[79111]: Loading keymap "base"
Nov 30 11:09:44 server guacd[79111]: Loading keymap "pt-br-qwerty"
Nov 30 11:09:45 server guacd[79111]: RDP server closed/refused connection: SSL/TLS connection failed (untrusted/self-signed certificate?)
Nov 30 11:09:45 server guacd[79111]: User "@ac69d743-49e8-4eb7-b8b6-2430ec9ee5f4" disconnected (0 users remain)
Nov 30 11:09:45 server guacd[79111]: Last user of connection "$c38e553a-707f-4d1f-ad8c-ce7223e140dc" disconnected
Nov 30 11:09:45 server guacd[78917]: Connection "$c38e553a-707f-4d1f-ad8c-ce7223e140dc" removed.

I found some documentation about this error and everything points to the need to enable the "Ignore Server Certificate" option.

All the documentation gives examples using .XML files (/etc/guacamole/user-mapping.xml) and mentions to insert the line:

<param name="ignore-cert">true</param>

Ok, but I believe that using Mysql as a backend, the connections configuration table (guacamole_connection_parameter) should look like this (the relevant excerpt from the test configuration): 

select * from guacamole_connection_parameter where connection_id = 9;
+---------------+----------------+-------------------+
| connection_id | parameter_name | parameter_value   |
+---------------+----------------+-------------------+
|             9 | domain         | SINI              |
|             9 | hostname       | 192.168.0.83      |
|             9 | ignore-cert    | true              |
|             9 | password       | ********          |
|             9 | port           | 3389              |
|             9 | security       | any               |
|             9 | server-layout  | pt-br-qwerty      |
|             9 | username       | carlos.********** |
+---------------+----------------+-------------------+

"server-layout" parameter was manualy inserted.

But, the error persists ... Some ideas ?

EdPelegrini commented 7 months ago

Boa tarde. Estou com mesmo problema com KCM conseguiu resolver?