Add windows server for rdp via browser

Add windows server into Ezeelogin GUI for one click RDP via the web browser.

 
Recording RDP session feature is available from Ezeelogin version 7.10.0 
Ensure that desktop browser has enough cpu( 1-2GHZ) and RAM( 1GB ). Close out browser tabs so as to reduce the cpu footprint so that the browser based rdp works without slowness.
Web Shell will work only if the web interface is accessed via HTTPS

On the gateway server, make sure to install nodejs.

In CentOS 6

[[email protected] ~]# curl -sL https://rpm.nodesource.com/setup_9.x |bash -

[[email protected] ~]# yum install -y nodejs

[[email protected] ~]# node -v
v9.5.0


In CentOS 7

 [[email protected] /]# yum -y install nodejs

 [[email protected] /]#/usr/bin/node -v

v6.12.0


In Ubuntu 14.04

[email protected]:/# curl -sL https://deb.nodesource.com/setup_9.x |bash -

[email protected]:/# apt-get install nodejs

[email protected]:~# /usr/bin/nodejs -v

v9.4.0

 

In Ubuntu 16.1

[email protected]:/# curl -sL https://deb.nodesource.com/setup_9.x |bash -

[email protected]:/# apt-get install nodejs

[email protected]:~# /usr/bin/nodejs -v

v9.4.0

 

In Ubuntu 18

apt-get install nodejs

/usr/bin/node -v

 v8.10.0



Once installed, ensure that the path to the node binary is specified correctly under Settings->General->Miscellaneous->Nodejs Command.



The nodejs command field should have the path to the
node / nodejs binary which usually is /usr/bin/node in the case of Centos7 and /usr/bin/nodejs in the case of Ubuntu 14-04

Ensure that inbound tcp traffic on port 52555 is open as nodejs server listens on this port.

Ensure that outbound tcp traffic on port 3389 is open as RDP listens on this port.

 

To ensure ssl for the browser tab that opens up for the web rdp, generate a self-signed cert with the following command. Web Shell will work only if the web interface is accessed via HTTPS

openssl req -new -days 365 -x509 -nodes -newkey rsa:2048 -out /usr/local/etc/ezlogin/tls_cert.pem -keyout /usr/local/etc/ezlogin/tls_key.pem

Or put a valid ca, cert and key in the files: /usr/local/etc/ezlogin/tls_ca.pem, /usr/local/etc/ezlogin/tls_cert.pem & /usr/local/etc/ezlogin/tls_key.pem respectively. You can rename your current .crt / .key file to .pem file.

 

Also, make sure that the .pem files are readable by the webserver user such as nobody/www-root/apache etc. Easy way to grant the webuser read privileges would be chmod 644 /usr/local/etc/ezlogin/*.pem

 

Make sure that users has privilege to access ’Windows RDP Login

acl-rdp

 

Click on the windows icon to rdp into the remote machine

windows-rdp

 

  

Ensure that Network Level Authentication ( NLA ) is disabled on the remote windows machine as shown.

network-level-authentication

 

Pros of browser based RDP

  • Easily RDP via browser in one click
  • Dont have to remember the administrator passwords
  • No RDP client needed

Cons of browser based RDP

  • Unable to copy and paste the document to remote desktop.
     
    RDP sessions recording is available from version 7.10.0

0 (0)
Article Rating (No Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    how do i access the ssh logs history that was recorded for the ssh user ?
    Viewed 1435 times since Thu, Jun 15, 2017
    Password management and the different options.
    Viewed 1440 times since Wed, Jun 14, 2017
    Unable to login into cpanel/whm with one click
    Viewed 3060 times since Wed, Jun 14, 2017
    How to grant a user access to control panel
    Viewed 1138 times since Thu, Jun 15, 2017
    How do i add in bastion server into the ssh gateway when i dont know its password?
    Viewed 1205 times since Wed, Jun 14, 2017
    How to configure Yubikey two factor authentication in ssh ?
    Viewed 3346 times since Thu, Jun 15, 2017
    How do I prevent the root password of the target server that i add from being changed?
    Viewed 1296 times since Wed, Jun 14, 2017
    How to enforce 2 Factor Authentication on user login?
    Viewed 645 times since Wed, Sep 19, 2018
    Create more admin users in jump server?
    Viewed 1315 times since Wed, Jun 14, 2017
    crons for changing root passwords on servers periodically and managing ssh user logs.
    Viewed 1806 times since Thu, Jun 15, 2017