Replies: 4 comments 3 replies
-
xrdp doesn't currently support additional PAM prompts. The only way to get this working currently is to enter the password and TOTP code together. Follow the wiki and you should be fine. |
Beta Was this translation helpful? Give feedback.
-
Had a go at it, and it seems that it works with Authenticator! :D Haven't tested it yet because i'm having trouble accessing the VM now, but that's another issue... I've switched to Red Hat Enterprise 9 on the server side to make it easier to follow the guide. But i can't seem to get xRDP to work. Can't connect to the VM at all. This was no issue on the ubuntu, so i have probably done something wrong with the setup. Looks like xRDP aren't reacting at all. (I'm fairly new to xRDP, and i'm a little rusty with Linux, so bear with me....) I've checked xsession-errors. It's empty... /var/log/xrdp.log: /var/log/xrdp-sesman.log EDIT: |
Beta Was this translation helpful? Give feedback.
-
So far so good.... I'm now having the same problem before i setup the google authenticator stuff:
I haven't touched "authselect". Can that be the problem? Any suggestions? |
Beta Was this translation helpful? Give feedback.
-
There's some confusion here which is totally my fault. I missed this line:-
Your edit above has removed comment characters ( When the file is delivered, the top stanzas are active (i.e. those that call Anyway, can we proceed as follows. Pick one of these:-
When you paste the files, place them between two lines containing triple-backticks (see this page) like this:- ``` It'll then appear like this:-
Feel free to ask questions - there's a bit to take in above. |
Beta Was this translation helpful? Give feedback.
-
Hello :)
I've been going mad with trying to use XRDP to work with Azure Entra ID and MFA.
The setup:
Main Problem:
I can RDP to the VM.
I get the XRDP login prompt.
I can login with my Entra ID credentials. But after login, the login prompt goes away and i'm left with the turkish blue background that comes with xRDP.
When checking the log (xrdp-sesman.log) i see that there's a line from PAM giving me a device code to enter with a Microsoft URL.
When i enter the URL and enter the device code given in the xrdp-sesman.log on my Windows PC i can login successfully on the VM.
This is obviously not how it should work...
I've seen a couple of users on various forums getting the same error, but i haven't seen anyone posting a real solution to this.
I've tried multiple things to no avail. But now i see that there's a Google Authenticator module for PAM. Reading the forum Wiki i see that i can work with any TOTP. That does mean it should work with Microsoft Authenticator.
So i just want to be 100 % that this will work before i try to setup this, seeing that it is a tedious setup.
Also, it would be nice to know if anyone have had direct experience with doing this with the Microsoft Authenticator, and if you experienced any shortcomings/problems.
Beta Was this translation helpful? Give feedback.
All reactions