[libvirt] [PATCH 1/1] Support for RDP

Pritesh Kothari Pritesh.Kothari at Sun.COM
Thu Apr 23 12:22:38 UTC 2009

Hi Daniel,

>   yes this is a limitation of the impelentation, not of the model, it
>   makes more sense to allow multiple graphis entries.

Ok, will do this.

> > feedback about attributes (auth='external' authtimeout='1234') would also
> > be appreciated. Thanks.
>   auth='external' sounds unclear, what does this mean ? Having the
> timeout hardcoded in the domain config file sounds a bit weird to me
> I would expect the default behaviour to be sufficient, depending on
> the networking layer used.

sorry, i thought i explained it earlier somwhere.

auth="" basically says which authentication method to use, the details are as 

1) The "null" method means that there is no authentication at all; any client 
can connect to the VRDP server and thus the virtual machine. This is, of 
course, very insecure and only to be recommended for private networks.

2)  The "external" method provides external authentication through a special 
authentication library. VirtualBox comes with two default libraries for 
external authentication:  On Linux hosts, VRDPAuth.so authenticates users 
against the host's PAM system. On Windows hosts, VRDPAuth.dll authenticates 
users against the host's WinLogon system. In other words, the "external" 
method per default performs authentication with the user accounts that exist 
on the host system. However, you can replace the default "external" 
authentication module with any other module.

3) The "guest" authentication method performs authentication with a special 
component that comes with the Guest Additions; as a result, authentication is 
not performed with the host users, but with the guest user accounts.

regarding authtimeout='5000', i guess it would do with default.


More information about the libvir-list mailing list