In this article we describe how to manage connections and how to use them by the user.
General information about Guacamole, the installation and integration into EGroupware is described in:
You should have read the article before this article.
First of all, let me clarify: For users and groups in Guacamole the users/groups from EGroupware are used. There is no double data storage/synchronization!
Because Guacamole only needs/is allowed to see a small part of the user/group data, views of the user/group tables have been created with the installation of Guacamole:
Additional tables were created for connections:
Thus also EGroupware has access to configuration data of Guacamole and can use them within EGroupware. History data is also stored there.
Only tables and views in the EGroupware database were created on the database server. No additional database!
A connection is the configuration of the access data of a target (PC, server, …), the parameters and the access authorizations.
The data storage described above makes it possible to provide a separate dialog for the connections in EGroupware for creation and administration. In the ideal case you can manage your connections exclusively with this dialog:
We have included in the configuration the fields that we think are needed. At this point we are dependent on feedback from users. If a field has to be adjusted again and again in the Guacamole configuration, we could include it in the EGroupware mask and preset it with a reasonable value even when creating a new one.
In Guacamole there are much more parameters available for a connection. A documentation for each protocol can be found here: RDP VNC SSH
The general documentation for connections:
There are two ways to create a connection: About EGroupware
(coming directly into Admin or via the Guacamole menu)
Since both sides write the connections into the database and there is no direct connection between EGroupware and Guacamole, the configuration must be manually reloaded on the other side (F5, logout/login, …).
We limit ourselves here to the creation of a connection via EGroupware:
Essentially, the protocol, the address data and the authentication data are entered here. Further parameters for the protocol can be configured.
The access data for a user can, but do not have to be entered!
On the second tab, permissions have to be entered (if not only the admin should use the connection):
Whoever is entered in the ‘Usage’ field as a user or via a group is shown this connection in the connection overview.
permissions can only be set via EGroupware.
The Guacamole way via user or group does not work because we use views on the EGroupware users. On this way you can only look (view), not write like a table. Of course we don’t want Guacamole to write or be able to write to the EGroupware tables of user permissions.
We have integrated guacamole to quickly provide a safe and easy way to work from home. More extensive configurations (see below) are not included for the time being. We assume a notebook/PC in the home office.
If you have or have experience with these topics, you can and should share it here in the forum!
Two more clues at this point:
The main difference between RDP and VNC is the fact that with VNC you look at the desktop (like on the connected screen) and with RDP you establish a session that you don’t see on the connected PC.
So you could give someone your PC via VNC and he could switch between desktop and remote. With one and the same session. Only one must consider: Others can watch on the PC. But this can also be intentional. For example, for service purposes.
An RDP session on a Windows PC can also only be established if nobody is logged on to the PC and no other RDP session is running. Multiple sessions are possible on terminal servers or modified Windows desktop clients.
Display on client
How well the transmitted image is displayed depends on various factors. The most important one: any scaling should be avoided because it makes the image more blurred. Ideally, the resolution should be fixed to the target device (the monitor) and then the browser window should be displayed full screen.
The VNC and RDP protocols behave somewhat differently. With RDP you may be lucky with automatic scaling. You just have to try it out and see what fits best. There is no patent remedy for this.
Now the user can open the connection by clicking on it or open it in a new window using the context menu and then, for example, maximize the window on a second screen (or full screen (F11)):
If the user should be able to open via the context menu and he has only one connection, a second (dummy) connection must be created.
Close (disconnect) the session
the guacamole-specific side menu is called up. There you can (should) close (disconnect) the session:
The session must be closed manually if other people on the PC (user) log on to EGroupware.
A few things in short form:
To use Guacamole, a user in EGroupware must have the execution permission for Guacamole.
Also the admin must first grant himself the right for Guacamole. This is not automatically done with the installation!
The Admin always has execution rights on all connections and therefore sees all of them.
A user in turn only sees the connections (and may execute them) in which he has rights.
If the user has only one connection, it is started immediately when opening Guacamole.
If someone already has an RDP session on the PC, the connection is closed in favor of the other user.
Topics that are not (yet) covered in this article:
- Settings regarding performance.
- Remote printing
- File exchange
- Screen keypad
- Remote program
Enough for one more articles… Later.
For questions, suggestions etc. please create your own topic in the forum as usual and refer to this article.