On Tue, Sep 28, 2021 at 8:19 AM testanier thierry < [email protected]> wrote:
> Hi, > > I have no problem with Guacamole, i use many RDP without problem. > > Glad to hear that :-) > > If i use a user with "Protected Users" (Native group AD), it's not > fonctionnal. > > If the NLA is disabled and security mode is "empty", i have a return of my > RDP and i can enter the credentials and all are OK. > > I will remove the NLA from my servers. > > The "Protected Users" group blocks CredSSPs, which is why there is a > blockage. > > Disabling NLA really isn't a good idea. It sounds like you have some particular reason for doing it, so without knowing much about your environment, it's hard to say whether it's really required or not, but NLA has some specific security built into it designed to protect RDP connections, so if at all possible it is best to stick with it. -Nick
