Very cool tool.  I will check this out too as you can never have too many in your arsenal. 

I will test and also blog on this. Looks interesting. Thank you very much for sharing.

@HunterLAFR thanks for the sharing, reading the security report has several bugs 

Awesome!!

@HunterLAFR thanks for the sharing, reading the security report has several bugs 

 

I know I know,

But this is for test and lab environment, not for production, (or you can take the risk if you want)

Even dough, also I've seen a lot of Citrix environments with more bugs and/or no patches published on the internet!! 
(Also vcenters and Hyper-V hosts with direct open ports to a public IP, )

cheers,

Glad to see someone else using this!

I’ve had a static Guacamole VM set up for all of our Veeam Labs for several years, with internal/external IPs, URLs, and domain pass-through integration for all IT staff.

It gets round the issue of having to expose multiple IP addresses to the Live network - with only port 443 to the Guacamole VM required.

It also provides safety over our IT staff tripping up over Live and Lab Console sessions, since the Lab ones have to be accessed through the browser.  There’s a real danger of accidentally changing live systems accidentally when both consoles have the same look and feel, from the same console type.

I’ve also setup a shared folder on the VM, to swap files between the Lab and Live environments.

It’s a great tool, and perfect for Labs.  I think I raised it as a feature suggestion some years ago, to be integrated with the Veeam Proxy Applicance, but SureBackups/Labs haven’t seen many enhancements in recent releases. 

Did you find a way to let one non-admin user “shadow” the connection of another non-admin user? It could be limited to specific connections.

I can see the functionality as an admin user but haven’t been able to figure out how to get it to work for non-admin users.

Hi

I don't really get your point with the “shadow” question, sorry! but I’m very curious.

If you mean creating a user into the wasabi platform, it can be limited what he see from groups, and machines itself.

And also you can handle different ways to show to the users the possible connections and so on.

cheers.

Luis.

Hi Luis,

You were writing about Guacamole, so I wasn’t really asking about Wasabi 

Let me make an example:

I create user named “user1” and add an RDP connection to “SERVER”.

“user1” starts a connection to “SERVER” via Guacamole and keeps the session open.

“user2”, who is not a Guacamole admin, wants to see what “user1” is doing in the Guacamole session to “SERVER”.

If a Guacamole admin logs in, this can be done by clicking on the username in the top right corner → Settings → Active Sessions  and then click on the connection name.

Sorry about the wasabi, I was reading another thing. XD
 

Now I understood, Yes, Only admin users can see active sessions, not “normal” users.

It would be a good improvement to have like “group admins” to see active sessions only for your groups, not the hole system.

But I still liking the way it looks, and how it works for me and my lab!

cheers.