Adito is based on Java and basicly the Adito-client works “everywhere”.
This can be very handy when you are on a internet-cafe or just borrowing a computer.
This guide will show you step by step on how to setup Remote Desktop (RDP) to your Adito server.
If you are not familiar with RDP, it can be simply explained; it shows your desktop, wherever you are on the internet.
Before you can begin, please read this guide on how to enable RDP for Windows 7/XP.
Adito have also VNC support (and others), so both Linux and Mac can use the same guide, only by using VNC application instead.
Step 1 – Install Adito as server
Please see this install guide using the windows installer
If you prefer the SVN version, please download it from here
Please note that you have to port forward 443 (or any other port you selected) to this computer on your router, so the rest of the world can see your Adito server.
Find your router here if you don’t know how…
Use a dns-service like no-ip.com to give your Adito server a remember-able-name 😉
Step 2 – Installing RDP extension
The Adito client can publish software to download and execute.
Typical portable software is prefered, since clients does not always have registry write access.
First, download the RDP extension. It uses the RDPsso.exe command from Microsoft and is based on the old less secure RDP.
But you are connecting through a SSL encrypted tunnel, so it is considered “safe”.
If you are not in managementconsole press the changebutton now
Press “Extensions” in the “Configuration” tab
Then press the “Upload Extension”.
Press the Browse-button and select the adito-application-advancednativerdpwin32.zip file, press “Upload”
You should now have the Microsoft RDP client installed
Step 3 – Create an Application
Select “Application” under the Tunnels tab
Press the “Create Application shortcut”
Call it “Adito server” and add a short description
Press next and select the RDP application.
Press next and enter 127.0.0.1 as host, change other options if you like.
Default RDP port is 3389 and is usally left alone
(Note: You aren’t restricted to local-ips or -hosts here, you can also use internet hosts. Some people use the Adito server as the only entrypoint on their firewall)
Press next and publish it to Everyone group.
Press next and look over the summary, then press Finish.
You have now published an app called “Adito server” to the group “Everyone”.
That means that every user that you have, will gain access to this app.
You can create as many applications as you need, just repeat the wizard 🙂
Step 4 – Testing the RDP
Connect to your Adito server and run the client.
Rightclick on the icon in systray and select “Adito server”.
The client will now open a temporary port, download the RDP application and connect.
If all succeded you’ll be presented with a login screen.
Next time you’re at an Internet-cafe or the library, try running the client. It will probably work 🙂
Tip: If you don’t have access to the Agent systray-icon;
Just run applications through Resource -> Applications by pressing the application you want
Errorhandling checklist
1. Check that you enabled RDP?
2. Check that the Windows firewall doesn’t block port 3389
3. Can others in the same network connect to RDP on the server, without using Adito? (local to local)
4. When using Windows Vista/7 you might have decrease the encryption to let old clients connect (* as described in the guide above)
5. Some corporative firewalls block self-signed HTTPS-certificates. If you can’t get through to your Adito loginscreen and get an error regarding certificate; buy a cheap cert from namecheap.com
More info regarding, please read the comments in the Installer page!
Hack tip
An extension in Adito is basicly just a zip-file with a xml-config and the application.
If you want to create your own, just download extensions from adito.werner.no and check out the config.
I have made the Firefox portable for instance available for users.
That way you can use your favorite browser without installing it (not published cause of huge download-size and special configs)
Remember that the app needs to be registry independent, since not all clients have reg-write access.
Simple extension
This sample is from the WinUtil
<bundle version="1.0.0" name="WinUtil" id="WinUtil" license="Freeware" type="executable" requiredHostVersion="0.9.0" order="99999">
<description>
Gives you the three HAT buttons on top of the screen.
These buttons will hide, set always on top and make windows transparent.
A pleasure adding this to the SSL-explorer list ;)
</description>
<extension type="executable" name="Windows Util" extension="WinUtil">
<description>
Gives you the three HAT buttons on top of the screen.
These buttons will hide, set always on top and make windows transparent.
A pleasure adding this to the SSL-explorer list ;)
</description>
<files>
<file>WinUtil.exe</file>
<file>WinUtil.cfg</file>
<file>gfx/Windows Standard/A-DOWN.bmp</file>
<file>gfx/Windows Standard/A-UP.bmp</file>
<file>gfx/Windows Standard/H-DOWN.bmp</file>
<file>gfx/Windows Standard/H-UP.bmp</file>
<file>gfx/Windows Standard/T-DOWN.bmp</file>
<file>gfx/Windows Standard/T-UP.bmp</file>
<file>gfx/Windows XP/A-DOWN.bmp</file>
<file>gfx/Windows XP/A-UP.bmp</file>
<file>gfx/Windows XP/H-DOWN.bmp</file>
<file>gfx/Windows XP/H-UP.bmp</file>
<file>gfx/Windows XP/T-DOWN.bmp</file>
<file>gfx/Windows XP/T-UP.bmp</file>
</files>
<executable program="${client:installDir}/WinUtil.exe">
</executable>
</extension>
</bundle>
All I needed todo was to create a filelist included and what todo when the program was downloaded.
There are several options on how to create extensions, please read the wiki for more options and functions!
If you create portable packages, please let me know and I’ll host them @ adito.werner.no after testing it
First thanks for great guide.
I have a question. I need Agito not as remote desktop service but as a VPN server. So, are there any applications available to download and use Agito just as VPN server? I am really looking for clientless solution (I used OpenVPN before) and there are practically no open-source options available so Agito is indeed great. Just please help me with advice how it can be used as VPN server.
Hi Kaeline,
Adito is a VPN solution that works through a browser (using java).
You can use it as a vpn entry, but it does not work as good as eg OpenVPN.
Regards. Lars
Hi Lars happy holidays. Are you still involved with this project? I know the files are old but i managed to get it working on an old XP machine. Which brings me here. There isn’t much documentation on how to setup the features such as web forwarding. I’m trying to setup passing the login parameters to login and open a 3rd party site but with no luck. If at all possible can you assist me?
Hi Tony, sorry for late reply. Please read the wiki here: https://wiki.amahi.org/index.php/Adito
The official documentation is here: http://dl.amahi.org/SSL-Explorer_Administrators_Guide.zip
You have to expect trial and error to get up and running 🙂
Im using windows server 2008 R2, I have just updated my java to the latest version. I can use RDP via IP and hostname. Everytime i try and connect i get that error message.
I keep getting an error message saying that Adito agent cannot connect. Help
Hi David, kan du specify more about your system (OS, Java version etc) and how you try to connect?
If you have resolving issues try using your IP-address directly.
Cheers. Lars
Hi, I just installed adito on my win7 x64 box. I can’t get the Adito agent to start getting the error on client browser: “Adito Agent failed connect”. On the adito server Log file I see this error: “ERROR RegisterClientSynchronizationAction – Registration of agent did not occur when the specified timeout of 60000ms”. I get the error when I connect to adito from either my win7 box or my laptop. Windows firewall is turned off on win7 for my tests. I have the same installation on my Win2003 server without any issues on that installation. What is wrong with my win7 adito installation ? How could I resolve the agent? If not possible is there another way with adito to open RDP session without the agent ?
regards
Fred
Hi,
I would like to get some help from you guys. I have problem in connection RDP through Adito. While opening the RDP application, I noticed the tunnel is created, after some steps in certification check, it got immediately close the tunnel. so RDP did not open the connection. I feel, this is the certificate type error. But i don’t what is the logic in the this process.
Any idea? i am expecting your replies.
Thanks
Sankar
Hi Sankar
Are you connecting to a Windows 7 machine with an older Windows?
If so, please check that you have the “Allow connections from computers running any version of Remote desktop”.
You find pictures in option two here: http://www.sevenforums.com/tutorials/3922-remote-desktop-connection-rdc-network.html
-Lars
Hi Lars,
I have cleared all basic steps of this issue like your suggestion and firewall etc.. The RDP server is windows 2008. I have checked in my local intranet (windows 7) and through internet outside( windows server 2008 R2) as well. I got same error. I understood the basic idea of this is working, but i am not very sure about some specific tunnel type of details. because i have noticed the tunnel is closed before complete the RDP connection. So connection could not be made.
I did not understood why the tunnel is closed. any reason?
Hi Sankar
The tunnel close is probably since it is attached to the application and it closes if the application fails to connect.
Remember that Adito sometimes works bad behind HTTP/HTTPS proxies, in these scenarios IP works best!
To test a persistent tunnel should be use.
Here are some steps that should lead you in the right direction for troubleshooting:
1. Ensure that the RDP works in your local network first, without using Adito!
Connect directly to your source (Win2k8) with the W7 machine and see if the RDP works as expected.
Typical behind our NAT-router (192.168.x.x class C-subnet)
2. If the Adito-server is running on the W2k8 server, please check that you can connect to RDP with localhost:
telnet localhost 3389 (you should see a blank screen if connected)
If that is blocked, please check your local firewall on the W2k8 server.
Still if that seems OK, try changing the port of your RDP: http://www.iteezy.com/change-rdp-3389-port-on-windows-2008-server/qc/10098
(That have worked for others, and is also a verification regarding the firewall)
3. When you have a confirm RDP, check out this tunnel guide: http://lars.werner.no/?page_id=153
In the destination port write 3389 (or new port number if you changed it), the destination host is 127.0.0.1 (or localhost)
Connect manually with your remote desktop to localhost:4040 and it should work as expected.
4. Now setup your application tunnel with the same criteria and the RDP+Tunnel should work as expected.
Hope it helps you on the way!
-Lars
Hi Lars,
I have checked as per your 3rd point, it is connected and RDP is working in that way. But the actual problem did not get resolved.
Finally, i have rechecked all the option in the application connection parameter and found the solution. There is one option in general tab, “Close tunnel on disconnect”. This is enabled by default. I unchecked this option, the tunnel closing problem is resolved and able to connect the RDP server.
I feel, this option give such meaning (Close tunnel on disconnect). I feel there is disconnection happened after the credential prompt in remote desktop process.
Anyhow, things working good now.. I have one more request, How do i change my certificate for Adito server? I have setup my own certificate while installation wizard.
But, I had faced agent connect failed error. later, i have created self signed certificate in the wizard and the agent is working properly.
Now, if change again to another certificate, i may receive the same agent error.
Any way to resolve this certificate issue? and is there any way to client certificate based authentication setup in the adito?
Hi Lars,
Is there any idea to use my third party certificate for hosting this adito site?
Hi Sankar
I bought a 1024-bit cert from namecheap.com and installed it.
Read more about what Adito support here: http://sourceforge.net/apps/trac/openvpn-als/wiki/ssl_certificate_management
-Lars
I think Adito is great but I can’t get my extension to work. I made an extension.xml file and did all the tings in the documentation to build my own extension of the zoiper client. No matter what i do it won’t upload to the extension manager. Does someone can give me some hints?????
Do you get any error messages or simular?
Did you open the extension.xml in a XML-viewer (IE/Firefox) to check if there are errors?
Go to http://pastebin.com and paste your xml, and I’ll see what could be the problem 🙂
Hi there,
Took existing xml file of winscp from adito.werner.no and changed it conform documentations. pastebin says nothing is wrong. I use notepad++ to edit xm file. When I upload it I get no errors.
Can you provide the pastebin-link, so I can actually see the parameters used?
Even though the XML is correct, the names/variables have to be equal.
You mean this?
http://pastebin.com/Lh0AsEU7
Yes… I did not see any flaws at first sight, but i’m on a travel and doesn’t have anything to compare it with. It seems right.
A tip is to stop adito as a service and run it in a console. It might give you something more to go on.
Hi, Large
I have a question regarding the use of Adito or SSL Explorer via HTTP proxies which do not allow or support the use of HTTP CONNECT method. Can Adito work through these kind of proxies? So far from my search and research, it seems Adito is unable to work through these kind of proxies.
Has anybody tried using Adito via HTTP proxies which do not support or allow CONNECT method?
Hi, Large
Thanks for your great work! Please can you give me a link to download the Firefox extension and if possible modified for the original SSL Explorer so I can download it?
Hello i’ve install adito on a debian lenny works great on direct internet connexion
but at work no way to pass the proxy, i’ve test some config but adito agent can’t connect 🙁
i’ve a question in log i see this : Connecting to x.x.x.x:8,080
the “,” is normal ???
thanks for help
A french user ^^
Hi Albebert
No the “,” isn’t normal and you should check the proxy-settings on the client you’re trying to connect from.
If your workplace use a pac-script to set proxy, you can not do other than set the proxy static to a profile.
But you should also check if your workplace accept software such as Adito.
Regards.
Lars Werner
Hi Lars
i use a profile with proxy settings from the pac file of my workplace.
so i test some config from profile (prox http, https… auth basic ntlm..)
i’m not sure but the proxy require https and the “,” occur only when i configure the profile to use https proxy.
note : i use adito 9.0.1 on debian lenny with forceversion and your appstore (thanks for that !)
There are several updates regarding the proxy-settings in the SVN-release.
Did you extract the latest build, 706 from sourceforge?
http://openvpn-als.svn.sourceforge.net/viewvc/openvpn-als/
If not you should try this: svn co https://openvpn-als.svn.sourceforge.net/svnroot/openvpn-als openvpn-als
And then afterwards do a compile using ant: http://jaredheinrichs.com/how-to-install-openvpn-als-on-ubuntu-linux-ssl-vpn.html
If the proxy aren’t “smart” you should be able to get through.
But if you can get through port 8080 you should use SSH and Tunnelier from http://www.bitwise.com to easy getting into your system 🙂
Regards. Lars
i test the latest build from svn just now and…
work with http (https : same issue it try 8.080 port for proxy )
Thanks 🙂
putty : ok
now : rdp ^^^
Lars,
Firstly, great guide. It took me minutes to set up what had been taking me hours previously. One question though. My rdp tunnel works great when I have normal internet connectivity, but at work, all our internet links go via a proxy server. This just passes through https, but still needs to go via the proxy, rather than straight out. When I start the rdp client at work, it gets as far as launching the java vpn client, then says it can’t synchronise, and bombs out.
I can see that for network browsing its possible to set up a proxy, but not for rdp. Any ideas?
Thanks
Perry
Hi Perry
The first step is to get the Adito-agent to connect through the proxy.
Default it will use system settings, but it will fail if your company uses PAC-files for proxy-config.
Check out details on auto-config: http://en.wikipedia.org/wiki/Proxy_auto-config
If you have access check out your config, here is where to look: http://www.cisco.com/en/US/docs/security/web_security/connector/connector3000/Configuring.html
My tips is to copy & paste the PAC file address, get the default http-proxy they use through that file.
Then create a new profile in Adito called “WorkProxy”.
In the right of “WorkProxy” you have a “more” button, push it, then select “Configure”.
Push the “Adito Agent” then “Agent Proxy server”; now fill inn your proxy and port.
If they doesn’t have other detections, Adito will connect and synchronize.
Cheers,
Lars
Lars,
Work indeed do use a pac file to configure our proxy. I do have access to it, and at the end, it has 3 possible proxy servers, via a dns name, and two addresses.
I’ve been out the office for a few days, so will try when I get back in this week, and let you know.
Thanks for the help.
Perry
Thanks to these guides I’ve setup a server with an RDP connection using the app.
Is there any way to have an app launch on login. EG. Joe Bloggs logs into Adito and the RDP app launches immediately?
Thanks
Hi Alex,
Sorry no, there is no such option to autorun a extension when the agent is started.
Only auto-start function is on the tunnels, as I know it.
Cheers,
Lars
I love the Microsoft Remote Desktop Plugin… Is there a MAC plugin that works the same?
People with Mac usally run this: http://waldemar.schlackow.de/node/10
But I don’t own a Mac, so I dunno what remotesystem is prefered.
There is also a Mac client for RDP made by Microsoft: http://www.microsoft.com/mac/remote-desktop-client
How to create this in a package, I dunno.
Maybe other Maccers could help here?
Cool app. Started using Adito 0.9.1 and got it working successfully on Debian Lenny. Was looking for the nEXT for Adito but failed to find any info so decided to create my own…basically install OpenVPN on the same server and created an extention for the client; OpenVPN portable… works great.. i have simulated nEXT with Adito 0.9.1 and now able to connect to the remote lan ….
Hi,
John, please can you share your work files on the neXT for adito because I’m interested in the same thing.
Much appreciated !