Skip to content

Commit

Permalink
Fix the client idle disconnect audit event for desktops
Browse files Browse the repository at this point in the history
We were attempting to use the desktop name as the server ID,
but in order to publish audit events we must use the HostUUID
of the windows_desktop_service.

Updates #8665
  • Loading branch information
zmb3 committed Nov 3, 2021
1 parent fa21858 commit e281f2c
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions lib/srv/desktop/windows_server.go
Original file line number Diff line number Diff line change
Expand Up @@ -582,13 +582,13 @@ func (s *WindowsService) handleConnection(con net.Conn) {
return
}

// Fetch the target desktop info. UUID of the desktop is passed via SNI.
desktopUUID := strings.TrimSuffix(tlsConn.ConnectionState().ServerName, SNISuffix)
log = log.WithField("desktop-uuid", desktopUUID)
// Fetch the target desktop info. Name of the desktop is passed via SNI.
desktopName := strings.TrimSuffix(tlsConn.ConnectionState().ServerName, SNISuffix)
log = log.WithField("desktop-name", desktopName)

desktop, err := s.cfg.AccessPoint.GetWindowsDesktop(ctx, desktopUUID)
desktop, err := s.cfg.AccessPoint.GetWindowsDesktop(ctx, desktopName)
if err != nil {
log.WithError(err).Warning("Failed to fetch desktop by UUID")
log.WithError(err).Warning("Failed to fetch desktop by name")
return
}

Expand Down Expand Up @@ -653,7 +653,7 @@ func (s *WindowsService) connectRDP(ctx context.Context, log logrus.FieldLogger,
LockTargets: services.LockTargetsFromTLSIdentity(identity),
Tracker: rdpc,
TeleportUser: identity.Username,
ServerID: desktop.GetName(),
ServerID: s.cfg.Heartbeat.HostUUID,
}
shouldDisconnectExpiredCert := authCtx.Checker.AdjustDisconnectExpiredCert(authPref.GetDisconnectExpiredCert())
if shouldDisconnectExpiredCert && !identity.Expires.IsZero() {
Expand Down

0 comments on commit e281f2c

Please sign in to comment.