further investigation shows that if I put in my credentials fast enough (less than 5 seconds), the connection works.
Zhou From: Zhou.Zeng <zhou.z...@target.com.INVALID> Date: Friday, August 16, 2024 at 2:13 PM To: user@guacamole.apache.org <user@guacamole.apache.org> Subject: [EXTERNAL] RDP NLA failure with Username Password Prompt Hi, I ran into a problem with using NLA security mode in RDP session and not sure if it is a bug with guacd. I am running guacamole and guacd using a docker compose file. The images I use are latest as of this writing: * docker.io/guacamole/guacamole@sha256:9bad57e60a0127d270275309ce93bb3cd4daa259cf85e57963075afa0180c0cb * docker.io/guacamole/guacd@sha256:3f1a735687d31ed6bc6965c6a40484767db2e2117dce6d23e3b07e9b24cbebaf First thing I did was setting up an RDP connection with username, password filled out (Domain is blank) and security mode set to NLA. The connection works and I have the logs below: guacd-1 | guacd[391]: DEBUG: Client is using protocol version "VERSION_1_5_0" guacd-1 | guacd[391]: INFO: Loading keymap "base" guacd-1 | guacd[391]: INFO: Loading keymap "en-us-qwerty" guacd-1 | guacd[391]: DEBUG: Support for CLIPRDR (clipboard redirection) registered. Awaiting channel connection. guacd-1 | guacd[391]: DEBUG: Support for static channel "rdpdr" loaded. guacd-1 | guacd[391]: DEBUG: Support for static channel "rdpsnd" loaded. guacd-1 | guacd[391]: DEBUG: Local framebuffer format PIXEL_FORMAT_BGRX32 guacd-1 | guacd[391]: DEBUG: Remote framebuffer format PIXEL_FORMAT_RGB16 guacd-1 | guacd[391]: DEBUG: CLIPRDR (clipboard redirection) channel connected. guacd-1 | guacd[391]: DEBUG: SVC "rdpdr" connected. guacd-1 | guacd[391]: DEBUG: SVC "rdpsnd" connected. guacd-1 | guacd[391]: DEBUG: Clipboard data received. Reporting availability of clipboard data to RDP server. guacd-1 | guacd[391]: INFO: Connected to RDPDR 1.13 as client 0x0011 Then I removed remove username and password from connection settings and attempted to connect and was prompted to enter them in the web UI. I entered the same credentials, but received the following error in the guacd logs: guacd-1 | guacd[410]: DEBUG: BIO_should_retry returned a system error 110: Operation timed out guacd-1 | guacd[410]: DEBUG: transport_write:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D] guacd-1 | guacd[410]: DEBUG: NLA begin failed guacd-1 | guacd[410]: DEBUG: freerdp_post_connect failed guacd-1 | guacd[410]: DEBUG: freerdp_connect:freerdp_set_last_error_ex ERRCONNECT_POST_CONNECT_FAILED [0x00020003] guacd-1 | guacd[410]: DEBUG: SVC "rdpdr" disconnected. guacd-1 | guacd[410]: DEBUG: SVC "rdpsnd" disconnected. guacd-1 | guacd[410]: INFO: RDP server closed/refused connection: Upstream error. Not sure what’s going on, hoping that it can be fixed if it is a bug or get some help to figure out what went wrong with my configuration. Zhou
