cedrozor / myrtille

A native HTML4 / HTML5 Remote Desktop Protocol and SSH client
https://www.myrtille.io
Apache License 2.0

RDP session from API using enterprise #330

Open KristianLake opened 2 years ago

KristianLake commented 2 years ago

Hi @cedrozor

I was wondering if you could help me understand what I am doing wrong.

I am posting to the endpoint ConnectionService/GetConnectionId

{
    "User": {
        "Domain": "MYDOMAIN",
        "UserName": "myusername",
        "Password": "mypassword"
    },
    "Host": {
        "IPAddress": "10.11.12.13"
    },
    "AllowRemoteClipboard": true,
    "AllowFileTransfer": true,
    "AllowPrintDownload": false,
    "AllowAudioPlayback": true,
    "MaxActiveGuests": 5,
    "GatewayUrl": "http://myurl/Myrtille"
}

And I receive back a GUID (fake guid in this example - but I do get a proper one back) 12341234-1234-1234-123412341234

Next steps I am a little unsure about. What I have been doing is building up the connection id like so.

http://myurl/Myrtille/?cid=12341234-1234-1234-123412341234&__EVENTTARGET=&__EVENTARGUMENT=&connect=Connect%21

On connection it redirects as expected

http://myurl/Myrtille/(S(MySessionID))?cid=12341234-1234-1234-123412341234&__EVENTTARGET=&__EVENTARGUMENT=&connect=Connect%21

However, I am looking at the AD login screen with just username/password and it's saying "Unknown error occured".

The Myrtille.Web.log shows me three new entries.

    Failed to retrieve the active enterprise session (System.NullReferenceException) at Myrtille.Web.EditHost.Page_Load
    Failed to load credentials prompt (System.NullReferenceException) at Myrtille.Web.popups.CredentialsPrompt.Page_Load
    Failed to retrieve the active enterprise session (System.NullReferenceException) at Myrtille.Web.EditHost.Page_Load

I am unsure if I am doing something wrong. I have tried to make the ConnectionService/GetConnectionId post with the Domain, without it, and with it set to null.

Manually going through Myrtille works fine. I can log in fine using AD. I can edit/create new hosts and I can connect to the servers fine.

Hope you can help. Let me know if you need any more information.

Thanks

KristianLake commented 2 years ago

After updating the Myrtille.Admin.Services.exe.config file which was missing a bit of stuff I now get the following instead

Requesting authentication of user MYDOMAIN\

I assume it's supposed to be MYDOMAIN\myusername

Any ideas?

KristianLake commented 2 years ago

If I add the servername, username and password to the URL it does get me further but doesn't connect to the server. It just lists the servers under admin.

cedrozor commented 2 years ago

Hi @KristianLake ,

Do you have special characters (i.e.: @ or ) into the domain, username or password that should be escaped into the JSON data? Are the credentials correct? (CredentialsPrompt popup is meant to be displayed if they are not).

It could also be due to the inability of Myrtille to resolve the domain name. Is the DNS correctly configured on the Myrtille machine? You can try to use the netbios name of the domain, if that helps.

I made a demo for the Myrtille API connect: https://myrtille.io/mp4/rdp%20connect%20from%20api.mp4
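The JSON-escaping point raised in the comment above, as an added example that is not part of the original thread or of Myrtille's code: it builds the GetConnectionId body with a serializer and shows how a hand-concatenated body either fails to parse or silently changes the password. The helper names and the sample credentials are constructed for illustration.

```python
import json

def build_connection_request(domain, username, password, host_ip, gateway_url):
    """Serialize the request body; json.dumps escapes backslash and quote."""
    body = {
        "User": {"Domain": domain, "UserName": username, "Password": password},
        "Host": {"IPAddress": host_ip},
        "AllowRemoteClipboard": True,
        "AllowFileTransfer": True,
        "AllowPrintDownload": False,
        "AllowAudioPlayback": True,
        "MaxActiveGuests": 5,
        "GatewayUrl": gateway_url,
    }
    return json.dumps(body)

def build_naive(domain, username, password):
    """Hand-concatenated fragment, kept only to show the failure mode."""
    template = '{"User": {"Domain": "%s", "UserName": "%s", "Password": "%s"}}'
    return template % (domain, username, password)

def survives_round_trip(raw, username, password):
    """True only if the body parses and carries the credentials unchanged."""
    try:
        user = json.loads(raw)["User"]
    except (ValueError, KeyError):
        return False
    return user["UserName"] == username and user["Password"] == password

if __name__ == "__main__":
    # Constructed sample passwords: one breaks parsing, one is silently
    # altered (\n becomes a newline), one needs no escaping at all.
    for pw in ['pa\\ss"word_!', "pass\\new", "my_pass!"]:
        safe = build_connection_request("MYDOMAIN", "myusername", pw,
                                        "10.11.12.13", "http://myurl/Myrtille")
        naive = build_naive("MYDOMAIN", "myusername", pw)
        print(repr(pw),
              "serializer ok:", survives_round_trip(safe, "myusername", pw),
              "naive ok:", survives_round_trip(naive, "myusername", pw))
```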

KristianLake commented 2 years ago

Hi @cedrozor Thanks for getting back to me. If I disable AD it works fine.

With AD enabled the guest sessions all work great.

I will double check the video tomorrow and attempt to get it working again. I don't think I'm using any special characters in the domain, username or password ( maybe a _ and a ! )

How could I check the DNS is correctly configured? The machine is definitely on an AD network and standard RDP logins work fine to it.

cedrozor commented 2 years ago

In the issue title, you mention using enterprise. Do you have Myrtille configured in enterprise mode?

That is, into Myrtille.Services.exe.config, did you configure the section below to use the enterprise adapter?

    <!-- uncomment the adapter line below to use enterprise mode -->
    <!--<add key="EnterpriseAdapter" value="Myrtille.Enterprise.ActiveDirectory, Myrtille.Enterprise" />-->
    <add key="EnterpriseAdminGroup" value="a domain group who can administer hosts" />
    <add key="EnterpriseDomain" value="the name of your domain (i.e. MYDOMAIN or mydomain.local) or the domain controller FQDN or IP" />
    <add key="EnterpriseNetbiosDomain" value="the netbios domain name (i.e. MYDOMAIN)" />

If yes, that could be the issue. I don't remember all the details (have to re-check it), but it could interfere with the connection API in some circumstances. Could you try to disable the enterprise mode (comment the adapter line into the config) and see if it works?

cedrozor commented 2 years ago

> How could I check the DNS is correctly configured? The machine is definitely on an AD network and standard RDP logins work fine to it.

nslookup

KristianLake commented 2 years ago

Thanks, nslookup was good.

I will try commenting out the adapter and let you know if it worked. Thank you.

KristianLake commented 2 years ago

Disabling enterprise mode makes it work.

This is the block of code where the username bit is blank.

    public EnterpriseSession Authenticate(string username, string password)
    {
        try
        {
            Trace.TraceInformation("Requesting authentication of user {0}", string.IsNullOrEmpty(Program._enterpriseNetbiosDomain) ? username : string.Format("{0}\\{1}", Program._enterpriseNetbiosDomain, username));
            return Program._enterpriseAdapter.Authenticate(username, password, Program._enterpriseAdminGroup, Program._enterpriseDomain, Program._enterpriseNetbiosDomain);
        }
        catch (Exception ex)
        {
            Trace.TraceError("Failed to authenticate user {0}, ({1})", username, ex);
            return null;
        }
    }

In non-AD the log shows

Requesting authentication of user MYDOMAIN\myusername

but with AD enabled it shows Requesting authentication of user MYDOMAIN\
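A log check for the symptom described in the comment above, as an added example that is not part of the original thread or of Myrtille's code: it scans trace lines for "Requesting authentication of user" entries whose username part is empty. The sample lines are constructed from the messages quoted in this issue; real log lines may carry timestamps or other prefixes, which the search tolerates.

```python
import re

# Matches the trace message emitted by the Authenticate method quoted above.
AUTH_RE = re.compile(r"Requesting authentication of user (?P<principal>.*)$")

def blank_username_requests(lines):
    """Return (line_number, principal) for auth traces with an empty username."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = AUTH_RE.search(line.rstrip("\r\n"))
        if not match:
            continue
        principal = match.group("principal").strip()
        # The trace prints DOMAIN\user when a NetBIOS domain is configured,
        # otherwise the bare username; take whatever follows the last backslash.
        user = principal.rpartition("\\")[2]
        if not user:
            hits.append((number, principal))
    return hits

# Constructed sample, built from the messages quoted in this issue.
SAMPLE_LOG = [
    "Requesting authentication of user MYDOMAIN\\myusername",
    "Failed to retrieve the active enterprise session (System.NullReferenceException)",
    "Requesting authentication of user MYDOMAIN\\",
    "Requesting authentication of user ",
]

if __name__ == "__main__":
    for number, principal in blank_username_requests(SAMPLE_LOG):
        print("line %d: blank username in %r" % (number, principal))
```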

cedrozor commented 2 years ago

Thanks for these details, I'll have a look at this.