guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Jumper <>
Subject Re: RDP
Date Tue, 30 Apr 2019 18:48:44 GMT
On Tue, Apr 30, 2019 at 11:42 AM Mike Jumper <> wrote:

> On Tue, Apr 30, 2019 at 11:31 AM Lance Gropper <
>> wrote:
>> Hello All:
>> Now I'm trying to get guacamole to work with RDP, and was wondering if
>> anyone had any suggestions as far as what I could be doing wrong: I am
>> using Active Directory, and have the username, password, and domain
>> entered, but when I try to connect, I get the messages below. It looks like
>> it's ignoring the user I'm entering for that system, and using the user
>> name that I'm logged in to guacamole with instead.
> This will not happen automatically. The values given for username,
> password, etc. are always taken from connection parameters. The only
> exceptions to this would be if you explicitly entered ${GUAC_USERNAME} or
> if you wrote an extension which derives these values dynamically.
> If you have one value entered in for username already, but a different
> value is taking effect, things aren't being ignored; the only possibility
> is that the different value is the one currently stored. Beware that some
> authentication methods like user-mapping.xml will cache the details of
> connections for the duration of the user's session. LDAP will do this, as
> well, for any connections which are stored within the LDAP directory. The
> database authentication will not cache things. If writing your own
> extension, it's up to you whether things are cached.


If the reason you are saying that it looks like Guacamole is using your
current username rather than the one entered for the system is due to the
following message in the logs:

"Apr 30 11:26:04 guacamole-post server: 11:26:04.829 [http-bio-8080-exec-6]
INFO  o.a.g.tunnel.TunnelRequestService - User "test" connected to
connection "3"."

That message is from the webapp, not guacd. It is only noting that the
webapp user "test" attempted to use that particular connection and is
purely an informational message from the perspective of the webapp. It has
no bearing on the username/password/etc. actually used by the connection
and is not logging the credentials sent as connection parameters. The
connection to the RDP server established by guacd will use the connection
parameters sent to it by the webapp, which in this case will be the
parameters retrieved from the database.

- Mike

View raw message