Add Windows server for RDP via browser

Add a Windows server to the Ezeelogin GUI for one-click RDP via the web browser.

 
The RDP session recording feature is available from Ezeelogin version 7.10.0.
Ensure that the desktop running the browser has enough CPU (2 GHz) and RAM (2-4 GB). Close unused browser tabs to reduce the CPU footprint so that browser-based RDP works without slowness.
Web RDP will work only if the web interface is accessed via HTTPS.

1. On the gateway server, make sure to install nodejs.

On CentOS 7

root@localhost:~ yum install epel-release

root@localhost:~ yum install npm

On Ubuntu 16/18 and Debian 10

root@localhost:~ apt install npm

On Ubuntu 20

root@localhost:~  apt-get update

root@localhost:~  apt install npm

 2. Install n, Node’s version manager:

If you are not using SSL, you need to set the npm registry to HTTP by running:

root@localhost:~ npm config set registry  http://registry.npmjs.org/

root@localhost:~  npm install -g n

 3. Install node by running :

To install the latest version:

root@localhost:~ n latest

To install the corresponding version :

root@localhost:~ n version.number

For example, the below command will install node 14

root@localhost:~ n 14

Run the following command to install node without SSL:

root@localhost:~ n --insecure latest

To switch between node versions run the following command and refer to the given screenshot.

root@localhost:~  n



Once installed, ensure that the path to the node binary is specified correctly under Settings->General->Miscellaneous->Nodejs Command.



The Nodejs Command field should contain the path to the node / nodejs binary, which is usually /usr/bin/node on CentOS 7 and /usr/bin/nodejs on Ubuntu 14.04.

Ensure that inbound TCP traffic on port 52555 is open as nodejs server listens on this port.

Ensure that outbound TCP traffic on port 3389 is open as RDP listens on this port.

 

To enable SSL for the browser tab that opens for the web RDP session, generate a self-signed certificate with the following command. Web Shell will work only if the web interface is accessed via HTTPS.

root@gateway:# openssl req -new -days 365 -x509 -nodes -newkey rsa:2048 -out /usr/local/etc/ezlogin/tls_cert.pem -keyout /usr/local/etc/ezlogin/tls_key.pem

Or put a valid CA, certificate and key in the files /usr/local/etc/ezlogin/tls_ca.pem, /usr/local/etc/ezlogin/tls_cert.pem and /usr/local/etc/ezlogin/tls_key.pem respectively. You can rename your current .crt / .key files to .pem.

 

Also, make sure that the .pem files are readable by the webserver user such as nobody/www-root/apache, etc. An easy way to grant the web user read privileges would be chmod 644 /usr/local/etc/ezlogin/*.pem
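The certificate, key and permission requirements above can be checked with a short script. This is an added example, not part of Ezeelogin: the function names, the 30-day expiry window and the group-only read suggestion are assumptions, while the file names are the ones given on this page.

```shell
#!/bin/sh
# Added example, not Ezeelogin code. Audits the PEM files this page places in
# /usr/local/etc/ezlogin. Function names and the 30-day window are assumptions.

# key_exposure FILE -> world-readable | group-readable | owner-only
key_exposure() {
    mode=$(stat -c '%a' "$1" 2>/dev/null) || return 2   # GNU/busybox stat
    case "$mode" in
        *[4567])  echo world-readable ;;   # "other" read bit set, e.g. 644
        *[4567]?) echo group-readable ;;   # e.g. 640
        *)        echo owner-only ;;       # e.g. 600
    esac
}

# cert_matches_key CERT KEY -> 0 when both carry the same public key
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# audit_tls_dir DIR -> 0 when there is no finding, 1 otherwise (findings on stdout)
audit_tls_dir() {
    cert=$1/tls_cert.pem key=$1/tls_key.pem rc=0
    if ! cert_matches_key "$cert" "$key"; then
        echo "FAIL: $key is not the private key for $cert"; rc=1
    fi
    # -checkend N exits non-zero when the certificate expires within N seconds;
    # the self-signed certificate on this page is issued with -days 365.
    if ! openssl x509 -in "$cert" -noout -checkend $((30 * 86400)) >/dev/null 2>&1; then
        echo "WARN: $cert is unreadable or expires within 30 days"; rc=1
    fi
    case "$(key_exposure "$key")" in
        world-readable)
            echo "WARN: $key is world-readable (the result of chmod 644 *.pem);"
            echo "      consider chgrp to the web server's group and mode 640"; rc=1 ;;
        "") echo "FAIL: cannot stat $key"; rc=1 ;;
    esac
    return $rc
}

# Audit only when a directory is given: sh audit_pem.sh /usr/local/etc/ezlogin
if [ -n "${1:-}" ]; then audit_tls_dir "$1"; fi
```

Run it again after each certificate renewal, since a replaced key file can come back with different ownership or mode.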

 

Make sure that users have the privilege to access 'Windows RDP Login'.


 

Click on the Windows icon to RDP into the remote machine.


 

Ensure that Network Level Authentication (NLA) is disabled on the remote Windows machine as shown.


 

Install the Node.js module dependencies for the Web RDP console application.

cd $(awk '/^system_folder/ {print $2}' /usr/local/etc/ezlogin/ez.conf)/application/external/mstsc/ && npm install


1. You can add Windows servers by clicking the add button as shown below

 

2. You need to enable RDP and specify the RDP port as shown below

 

Pros of browser-based RDP

  • Easily RDP via browser in one click
  • Don't have to remember the administrator passwords
  • No RDP client needed

Cons of browser-based RDP

  • Unable to copy and paste the document to the remote desktop.

RDP session recording is available from version 7.10.0.

If you get a protocol error after upgrading the Node version, add --tls-min-v1.0 to the nodejs command in Settings->General->Miscellaneous->Nodejs Command.

Troubleshooting

  • Ensure that Node version is above 12 and NPM version is >=5

[root@otp webrdp]# npm -v

6.14.6

[root@otp webrdp]# node -v

v12.22.0  

To get more detailed errors, append log_level trace to ez.conf.

Kill the currently running node process:

root@jump-host:~#  pkill node

Access the web RDP and check the application logs under {system folder}/application/logs/ (for example, /var/www/ezlogin/application/logs/log-2020-12-16.php) to get the command to manually start the web RDP.

Note: Prepend DEBUG=* to the command that you got from the application logs.

For example

root@jump-host:~# DEBUG=* PORT=52666 XFWD=1 WS=1 SESSION_TIMEOUT=300000 REQUEST_TIMEOUT=120000 DBP='94Y6[@MhW]@Qb' node /var/www/ezlogin/application/external/mstsc/server.js
