Issue with Linux to Windows UDS Tunnel RDP Connection

[Windorsort]

Hi!

I am experiencing an issue with connecting from Linux to Windows via a UDS tunnel RDP. My reference machine is in a domain, and I want to be able to select a domain user during the connection, but this does not happen as it does in Linux-Linux and Win-Win combinations (where an authorization window appears). I understand that it is possible to set up the connection and enter the domain user's credentials in advance, but then I would need to create a separate connection in UDS for each such domain user.

In my case, the authorization window simply does not appear, and I do not have the option to enter the domain user's credentials.

Thank you for your assistance.

Best regards,
Windorsort

[Windorsort]

I also have a question regarding the redirection of USB devices, such as a flash drive or headphones, from a Linux Client to Windows via the same RDP tunnel. By default, it does not work even if the settings in the UDS panel connections indicate to move all.

[dkmstr]

For the first question, there is a "use empty credentials" option on the credentials tab, that if you activate it should "ask" for credentials, but only if not using NLA authentication. With NLA, is not possible to enter credentials after connection. it's a protocol matter, not UDS :).

For redirecting usb devices, you will have to "tune" the "linux client" parameters, because with xfreerdp this is a bit tricky.
I recommend you to connect using xfreerdp first directly (i.e. from the command line), playing with options and after that, when you are satified, include them in the "linux client" tab parameters

[Windorsort]

As you wrote, it should work, but it still doesn't. I tried connecting directly through the console using xfreerdp, and everything works. Literally, all scenarios work except the scenario where you try to connect from Linux to Windows via RDP without specifying credentials. Regarding the checkboxes you mentioned, they were checked.

I also tried specifying the parameters, but no matter what I entered, the result did not change.

[dkmstr]

the part you show i don't understand. Again, with NLA auth you cannot connect with without credentials. In 3.6 with ALL credentials empty (username, password and domain), should appear the credentials screen on windows (because rdp is forced).

openuds/server/src/uds/transports/RDP/rdp_file.py

Line 190 in 6f0a993

if forceRDPSecurity:

Exactly which is the behabior?

Try, from command line (withint the terminal), run firefox (by just tipping "firefox" :) ) and the output of xfreerdp will be shown on the terminal, probable you will get the clue there

[Windorsort]

there is also a problem with Authorization UDSactor under windows 3.6 version
an error appears on the SSL certificate although the settings are set to ignore the certificate, when using UDSactor windows 3.0 there is no such problem

[dkmstr]

UDS from 3.5 onwards, does and will not support unsecure TLS versions or ciphers.... So yes, 3.6 does not accept TLS 1.0 connections any more, and will not :(

Note:
Ensure you have support for TLS 1.3 for UDSActor, this will ensure you will have no problem at all (nor with the version or the security :P)

Note 2:
For your interest:
https://www.cloudflare.com/learning/ssl/why-use-tls-1.3/