{"id":803,"date":"2024-10-01T14:39:05","date_gmt":"2024-10-01T20:39:05","guid":{"rendered":"https:\/\/thecweb.com\/?p=803"},"modified":"2024-10-17T23:44:35","modified_gmt":"2024-10-18T05:44:35","slug":"rdp-with-guac","status":"publish","type":"post","link":"https:\/\/thecweb.com\/index.php\/2024\/10\/01\/rdp-with-guac\/","title":{"rendered":"RDP with Guac"},"content":{"rendered":"\n<figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"321\" height=\"225\" src=\"https:\/\/thecweb.com\/wp-content\/uploads\/2024\/10\/image-2.png\" alt=\"\" class=\"wp-image-807\" srcset=\"https:\/\/thecweb.com\/wp-content\/uploads\/2024\/10\/image-2.png 321w, https:\/\/thecweb.com\/wp-content\/uploads\/2024\/10\/image-2-300x210.png 300w\" sizes=\"auto, (max-width: 321px) 100vw, 321px\" \/><\/figure>\n\n\n\n<p>I finally decided to bite the bullet and upgrade my laptop to Windows 11 Pro, so that I could use RDP instead of VNC.  The primary reason I did this is to make remote access faster.  Not only is the RDP protocol much faster than VNC(prob more secure too), but I&#8217;ll be connecting to my laptop, which is much newer, with twice the RAM, some sort of i7 processor, and the wifi card seems a bit stronger.<\/p>\n\n\n\n<p>The config was quite simple after I learned to interpret this gobbledygook below:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Oct 01 19:45:13 thecweb.com guacd&#91;1382772]: Creating new client for protocol \"rdp\"\nOct 01 19:45:13 thecweb.com guacd&#91;1382772]: guacd&#91;1382772]: INFO:        Creating new client for protocol \"rdp\"\nOct 01 19:45:13 thecweb.com guacd&#91;1382772]: guacd&#91;1382772]: INFO:        Connection ID is \"$7bea9685-1e55-4f4e-b0bf-7fc3f5fd0a5a\"\nOct 01 19:45:13 thecweb.com guacd&#91;1382772]: Connection ID is \"$7bea9685-1e55-4f4e-b0bf-7fc3f5fd0a5a\"\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: FreeRDP initialization may fail: The current user's home directory (\"\/usr\/sbin\") is not writable, but FreeRDP generally requires a writable home directory for storage of configura>\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: guacd&#91;1382975]: WARNING:        FreeRDP initialization may fail: The current user's home directory (\"\/usr\/sbin\") is not writable, but FreeRDP generally requires a writable home di>\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: No security mode specified. Defaulting to security mode negotiation with server.\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: guacd&#91;1382975]: INFO:        No security mode specified. Defaulting to security mode negotiation with server.\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: guacd&#91;1382975]: INFO:        Resize method: none\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: guacd&#91;1382975]: INFO:        No clipboard line-ending normalization specified. Defaulting to preserving the format of all line endings.\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: guacd&#91;1382975]: INFO:        User \"@f96cd9fe-6e30-495b-8b36-dbd32578750f\" joined connection \"$7bea9685-1e55-4f4e-b0bf-7fc3f5fd0a5a\" (1 users now present)\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: Resize method: none\nOct 01 19:45:13 thecweb.com tomcat9&#91;1382777]: 19:45:13.459 &#91;http-nio-8080-exec-8] INFO  o.a.g.tunnel.TunnelRequestService - User \"cweb\" connected to connection \"RDP on hp360\".\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: No clipboard line-ending normalization specified. Defaulting to preserving the format of all line endings.\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: User \"@f96cd9fe-6e30-495b-8b36-dbd32578750f\" joined connection \"$7bea9685-1e55-4f4e-b0bf-7fc3f5fd0a5a\" (1 users now present)\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: Loading keymap \"base\"\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: guacd&#91;1382975]: INFO:        Loading keymap \"base\"\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: guacd&#91;1382975]: INFO:        Loading keymap \"en-us-qwerty\"\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: Loading keymap \"en-us-qwerty\"\n<strong>Oct 01 19:45:13 thecweb.com guacd&#91;1382975]: Certificate validation failed\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: guacd&#91;1382975]: INFO:        Certificate validation failed\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: RDP server closed\/refused connection: SSL\/TLS connection failed (untrusted\/self-signed certificate?)\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: guacd&#91;1382975]: INFO:        RDP server closed\/refused connection: SSL\/TLS connection failed (untrusted\/self-signed certificate?)<\/strong>\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: User \"@f96cd9fe-6e30-495b-8b36-dbd32578750f\" disconnected (0 users remain)\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: guacd&#91;1382975]: INFO:        User \"@f96cd9fe-6e30-495b-8b36-dbd32578750f\" disconnected (0 users remain)\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: guacd&#91;1382975]: INFO:        Last user of connection \"$7bea9685-1e55-4f4e-b0bf-7fc3f5fd0a5a\" disconnected\nOct 01 19:45:13 thecweb.com guacd&#91;1382975]: Last user of connection \"$7bea9685-1e55-4f4e-b0bf-7fc3f5fd0a5a\" disconnected\nOct 01 19:45:13 thecweb.com tomcat9&#91;1382777]: 19:45:13.855 &#91;http-nio-8080-exec-3] INFO  o.a.g.tunnel.TunnelRequestService - User \"cweb\" disconnected from connection \"RDP on hp360\". Duration: 396 milliseconds\nOct 01 19:45:13 thecweb.com guacd&#91;1382772]: Connection \"$7bea9685-1e55-4f4e-b0bf-7fc3f5fd0a5a\" removed.\nOct 01 19:45:13 thecweb.com guacd&#91;1382772]: guacd&#91;1382772]: INFO:        Connection \"$7bea9685-1e55-4f4e-b0bf-7fc3f5fd0a5a\" removed.\n<\/code><\/pre>\n\n\n\n<p>The bolded lines are what I needed to figure this out.  Really it was quite obvious where that error was coming from once I decided to try to connect from a Windows PC.  Seasoned admins should be familiar with the message below:<\/p>\n\n\n\n<figure class=\"wp-block-image aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"396\" height=\"405\" src=\"https:\/\/thecweb.com\/wp-content\/uploads\/2024\/10\/image.png\" alt=\"\" class=\"wp-image-804\" srcset=\"https:\/\/thecweb.com\/wp-content\/uploads\/2024\/10\/image.png 396w, https:\/\/thecweb.com\/wp-content\/uploads\/2024\/10\/image-293x300.png 293w\" sizes=\"auto, (max-width: 396px) 100vw, 396px\" \/><\/figure>\n\n\n\n<p>And it turns out that Guacamole has not way of dealing with this at login.  So I added the bolded param to the config file and restarted things and boom goes the dynamite.  <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>            &lt;connection name=\"RDP on hp360\">\n                &lt;protocol>rdp&lt;\/protocol>\n                &lt;param name=\"hostname\">hp360&lt;\/param>\n                &lt;param name=\"port\">3389&lt;\/param>\n                <strong>&lt;param name=\"ignore-cert\">true&lt;\/param><\/strong>\n                &lt;\/connection>\n<\/code><\/pre>\n\n\n\n<p>Now, I did spend a little bit more time on an error above the one about issues <strong>writing to \/usr\/sbin<\/strong>.  A red herring to be sure.  Maybe I should have paid more attention to the fact that the error says it <strong><em>may<\/em> <\/strong>cause issues, not that it will cause issues.  After I changed permissions to \/usr\/sbin\/.config so that the Freerdp client could write there, the error persists, but it is still writing config files there, so not sure.  I only mention it because it wasted like 30 minutes of my time.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I finally decided to bite the bullet and upgrade my laptop to Windows 11 Pro, so that I could use RDP instead of VNC. The primary reason I did this is to make remote access faster. Not only is the RDP protocol much faster than VNC(prob more secure too), but I&#8217;ll be connecting to my [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":807,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[16,17,14,32,15,33],"class_list":["post-803","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-apache","tag-guacamole","tag-linux","tag-rdp","tag-ubuntu","tag-windows"],"_links":{"self":[{"href":"https:\/\/thecweb.com\/index.php\/wp-json\/wp\/v2\/posts\/803","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/thecweb.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/thecweb.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/thecweb.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/thecweb.com\/index.php\/wp-json\/wp\/v2\/comments?post=803"}],"version-history":[{"count":2,"href":"https:\/\/thecweb.com\/index.php\/wp-json\/wp\/v2\/posts\/803\/revisions"}],"predecessor-version":[{"id":809,"href":"https:\/\/thecweb.com\/index.php\/wp-json\/wp\/v2\/posts\/803\/revisions\/809"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/thecweb.com\/index.php\/wp-json\/wp\/v2\/media\/807"}],"wp:attachment":[{"href":"https:\/\/thecweb.com\/index.php\/wp-json\/wp\/v2\/media?parent=803"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/thecweb.com\/index.php\/wp-json\/wp\/v2\/categories?post=803"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/thecweb.com\/index.php\/wp-json\/wp\/v2\/tags?post=803"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}