guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Craig Gibb <>
Subject Re: NLA and Rap connections in guacamole 0.9.10
Date Mon, 09 Jan 2017 09:32:39 GMT
Hi Mike thanks for the your answer, this exactly what i thought but no, we are using guacamole
mainly to remote 
in to Window7 and Windows 10 clients and they are still configured the same way. The new guacamole
installation using docker
is installed side by side of the old but using a new ip, so i would expect everything to work
as before apart from the changes that due
to the new version of the product.
So i cant really understand why, i can clearly see in the log that when i attempt to connect
with a rdp connection configure as before but
on the new version i get a security protocol negotiation error, och can not connect but if
i then change and add the account and password 
it works fine.


> 9 jan. 2017 kl. 10:00 skrev Mike Jumper <>:
> Hi Craig,
> Guacamole's authentication behavior has not changed. The new "any"
> option allows the RDP server to select the security mode of the
> connection, and it may well choose NLA, but the behavior of the past
> options has not been altered (including the default behavior).
> Newer versions of Windows will use NLA by default, with some requiring
> it for all connections. Could it be that the configuration of your RDP
> server has simply changed? Or that it's a different version of Windows
> than you used previously?
> Thanks,
> - Mike
> On Sun, Jan 8, 2017 at 9:04 AM, Craig Gibb <> wrote:
>> Hi i have a question maybe someone can answer, i have installed the new version together
with a postgres DB using
>> docker and everything went quite smooth but one difference i have seen between the
new version and the old one 0.9.6,
>> is that when you configure RDP connections it seems that they will not work unless
a account and password are configured
>> on the connection. This is also regardless if you choose to select any under the
security mode.
>> Can anyone tell me if is this by design ?
>> In the older version we could configure rep connections without adding any credentials
at all, and the user when executing then adds
>> the account and password at the time of logon.
>> The newer version reminds me more of NLA (Network Level Authentication) but with
no possability of choosing anything else.
>> /Regards Craig

View raw message