Configuring XDMCP and GDM on Red Hat Linux Page 1 of 6

VMware workstation 7.1

Run multiple OS on virtual machines
Workstation 7.1 ESD - 18% discount

Return to Linux Home Page.

Configuring XDMCP and GDM on Red Hat Linux

by Jeff Hunter, Sr. Database Administrator

Contents

1. Overview
2. Configure Linux to use GUI Logins
3. Granting Remote Access to the Login Manager
4. Remote X Server Access from a Linux Client
5. Troubleshooting

Overview

Most users installing Linux today choose to install and configure the X Windows System. This allows
those users to access their Linux environment using a graphic (GUI) console connected to the
workstation or server. An X Windows environment provides users to run X programs like xterm,
OpenOffice, Mozilla Firefox and a host of other useful graphical software packages.

There are times, however, when users need to log in to a Linux machine using the graphical X Windows
System from a remote computer, like a Windows PC for example. The remote Windows PC would first
need to have an X Windows Server installed like Xming, Exceed Hummingbird, or my personal favorite
X-Win 32.

When installing Red Hat Enterprise Linux, the system defaults to a secure configuration which does not
allow remote graphical logins or remote desktop access. This article explains the configuration changes
required to allow remote access to a Red Hat Enterprise Linux system (RHEL) using the X Display
Manager Control Protocol (XDMCP) or GDM (GUI login).

Configure Linux to use GUI Logins

One of the first steps is to make certain the Red Hat Linux environment is configured to use a graphical
(GUI) login. A Linux environment allows for either a text login or a graphical (GUI) login. This option
is specified in the init script configuration file /etc/inittab. In order to allow remote graphical (GUI)
logins, the environment itself must be configured for a X11 GUI login. Make certain the system is
configured with the correct X11 runlevel (which in this case is runlevel 5):

/etc/inittab

..... <SNIP> .....

# Default runlevel. The runlevels used by RHS are:

# 0 - halt (Do NOT set initdefault to this)

http://www.idevelopment.info/data/Unix/Linux/LINUX_ConfiguringXDMCPRedHat... 20/02/2011
Configuring XDMCP and GDM on Red Hat Linux Page 2 of 6

# 1 - Single user mode

# 2 - Multiuser, without NFS (The same as 3, if you do not have networking)
# 3 - Full multiuser mode
# 4 - unused
# 5 - X11
# 6 - reboot (Do NOT set initdefault to this)
#
id:5:initdefault:

..... <SNIP> .....

Granting Remote Access to the Login Manager

The next step is to grant MS Windows users remote GUI access to the Red Hat Linux system. More
specifically, we need to grant access to the RHEL Login Manager.

XDM Login Manager

The XDM login manager is used for older releases of Red Hat Linux. For example:

Red Hat Enterprise Linux 3

Red Hat Enterprise Linux 4

CentOS 3

CentOS 4

Fedora Versions 1 through 6

Use the following steps to enable the services and modify the files necessary to configure
the XDMCP:

1. To do this, edit the /etc/X11/xdm/Xaccess file and open the connection to hosts by
un-commenting the line:

#* #any host can get a login window

or enter individual IP addresses of selected hosts.

SuSE users can do the same by editing the file /usr/X11R6/lib/X11/xdm/Xaccess.

2. Next, open the file /etc/X11/xdm/xdm-config and comment out the line:

DisplayManager.requestPort: 0

3. Make sure to run the program xdm as the "root" user account.

# xdm &

4. If things still do not work, you may need to reboot the server or restart the xdm if it
was already running.

The xdm command (X Display Manager) manages a collection of X displays,

which may be on the local host or remote servers. The design of the xdm command
was guided by the needs of X terminals as well as the X Consortium standard
XDMCP (the X Display Manager Control Protocol).

GDM Login Manager

Users running Red Hat Enterprise Linux 5, CentOS 5, or Oracle Enterprise Linux Release 5
will need to use the GDM login manager as XDM is no longer supported.

http://www.idevelopment.info/data/Unix/Linux/LINUX_ConfiguringXDMCPRedHat... 20/02/2011
Configuring XDMCP and GDM on Red Hat Linux Page 3 of 6

First, edit the file /etc/gdm/custom.conf and add the following two entries:

[xdmcp]
Enable=true

[security]
DisallowTCP=false
AllowRemoteRoot=true

Next, restart X Windows:

[root@racdb2 ~]# init 3

[root@racdb2 ~]# init 5

The final step is to configure the GDM login manager using the gdmsetup utility:

[root@racdb2 ~]# gdmsetup

After starting the gdmsetup utility, click the Remote tab. Under the Remote tab, change the
Style pull-down menu selection from 'Remote login disabled' to 'Same as Local':

After configuring remote access to the GDM login manager, select the Security tab. Under
the Security tab, I checked the options:

http://www.idevelopment.info/data/Unix/Linux/LINUX_ConfiguringXDMCPRedHat... 20/02/2011
Configuring XDMCP and GDM on Red Hat Linux Page 4 of 6

Allow local system administrator login

Allow remote system administrator login

Exit from the gdmsetup utility and restart the GDM service:

[root@racdb2 ~]# /usr/sbin/gdm-restart

You can test the GDM login screen locally using the following:

[root@racdb2 ~]# X -query localhost :1

Remote X Server Access from a Linux Client

So, what if your client workstation is a Linux machine and you want to obtain a graphic login to another
Linux machine? From the client workstation, use the Xnest utility as follows:

# Xnest -query <machine-name> -geometry <resolution> :1

For example, if my Linux workstation is named oemprod and I want to remotely access node racdb2:

http://www.idevelopment.info/data/Unix/Linux/LINUX_ConfiguringXDMCPRedHat... 20/02/2011
Configuring XDMCP and GDM on Red Hat Linux Page 5 of 6

[root@oemprod ~]# Xnest -query racdb2 -geometry 1280x1024 :1

Troubleshooting

Probably the most common error when configuring graphic remote login access is the Linux firewall
rules. Make certain the Linux firewall rules allow the XDMCP protocol to pass:

List the firewall rules

[root@racdb2 ~]# iptables -L

Chain INPUT (policy ACCEPT)

target prot opt source destination

Chain FORWARD (policy ACCEPT)

target prot opt source destination

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

If needed, flush all firewall rules

[root@racdb2 ~]# iptables -F

Finally, ensure the following ports and protocols are able to pass through the firewall:

XDMCP / X11 Ports and Protocols

Protocol Port Data Type
UDP 177 XDMCP
TCP 6000-6005 X11 protocol
TCP 7100 xfs: X font server

http://www.idevelopment.info/data/Unix/Linux/LINUX_ConfiguringXDMCPRedHat... 20/02/2011
Configuring XDMCP and GDM on Red Hat Linux Page 6 of 6

Total System Better Remote Desktop Absoft Technology DimDim Alternative

Information Extend and Optimize RDP News DimDim left you stranded?
Asset Agent & Utility for Easy Setup. Low Cost. Software Reviews, Come check out OnSync
Windows, AppleMac, Free Trial! Networking Programing for free.
UNIX/Linux - GUI/CLI/API www.elusiva.com/SuperRDP And Articles www.digitalsamba.com

Last modified on: Saturday, 18-Sep-2010 18:21:09 EDT

Page Count: 50183

http://www.idevelopment.info/data/Unix/Linux/LINUX_ConfiguringXDMCPRedHat... 20/02/2011