guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <harry.dev...@faa.gov>
Subject Re: Configuring LDAP
Date Tue, 14 Nov 2017 00:27:51 GMT
/var/log/tomcat/catalina.2017-11-13.log
________________________________
From: Mike Jumper <mike.jumper@guac-dev.org>
Sent: Monday, November 13, 2017 4:56:23 PM
To: user@guacamole.incubator.apache.org
Subject: Re: Configuring LDAP

Which log are these messages from?

- Mike


On Mon, Nov 13, 2017 at 12:55 PM, <harry.devine@faa.gov<mailto:harry.devine@faa.gov>>
wrote:
OK, here goes:  https://pastebin.com/Be35FaN6

Thanks,
Harry

From: Mike Jumper [mailto:mike.jumper@guac-dev.org<mailto:mike.jumper@guac-dev.org>]
Sent: Monday, November 13, 2017 3:49 PM

To: user@guacamole.incubator.apache.org<mailto:user@guacamole.incubator.apache.org>
Subject: Re: Configuring LDAP

Don't send it to me directly off-list - things really need to be kept on-list.

pastebin or a GitHub gist are decent choices. You could also paste the logs directly into
a new email. I don't recommend trying to attach the logs, as attachments are sometimes filtered
away.


On Mon, Nov 13, 2017 at 12:44 PM, <harry.devine@faa.gov<mailto:harry.devine@faa.gov>>
wrote:
Any place in particular?  Not really sure where I can put something like that.  Can I send
it to you off-list?

Thanks,
Harry

From: Mike Jumper [mailto:mike.jumper@guac-dev.org<mailto:mike.jumper@guac-dev.org>]
Sent: Monday, November 13, 2017 2:02 PM

To: user@guacamole.incubator.apache.org<mailto:user@guacamole.incubator.apache.org>
Subject: Re: Configuring LDAP

Following a restart of Tomcat, can you post the entire Tomcat log somewhere, at least the
portion which follows that restart?

- Mike


On Mon, Nov 13, 2017 at 10:51 AM, <harry.devine@faa.gov<mailto:harry.devine@faa.gov>>
wrote:
I tried to add GUACAMOLE_HOME=”/etc/guacamole” into /etc/tomcat/tomcat.conf and restarting
Tomcat, but that didn’t work.  Instead of getting “Login failed” on the page, the page
did nothing.  So I backed that out and restarted everything, and can’t log in at all.  I
enter the guacadmin user and password and click Login, and nothing happens.  I do see a successful
login message in /var/log/messages, but the page doesn’t redirect me anywhere any longer.

Thanks,
Harry

From: Devine, Harry (FAA)
Sent: Monday, November 13, 2017 8:49 AM
To: user@guacamole.incubator.apache.org<mailto:user@guacamole.incubator.apache.org>
Subject: RE: Configuring LDAP

Well, I tried moving the extensions to /etc/guacamole and restarting Tomcat and guacamole,
and I still don’t see LDAP referenced in the logs.  Where do I set that in catalina.properties?
 That’s my next step.  Also, when I try to log in, I do see the following error in the log
(I masked out the IP and the user name):

Nov 13 08:32:28 access server: 08:32:28.177 [http-bio-8080-exec-1] WARN  o.a.g.r.auth.AuthenticationService
- Authentication attempt from xxx.xxx.xxx.xxx for user "user" failed.

Thanks,
Harry

From: Nick Couchman [mailto:vnick@apache.org]
Sent: Monday, November 13, 2017 8:05 AM
To: user@guacamole.incubator.apache.org<mailto:user@guacamole.incubator.apache.org>
Subject: Re: Configuring LDAP

On Mon, Nov 13, 2017 at 7:55 AM, <harry.devine@faa.gov<mailto:harry.devine@faa.gov>>
wrote:
I just restarted Guacamole and Tomcat, and I don’t see anything about LDAP loading.  I have
the 0.9.13 LDAP extension at /usr/share/tomcat/.guacamole/extensions.  Is that the proper
directory for it?  I’m pretty sure that’s where the user guide said to put it.  I also
have the pertinent LDAP parameters set in the guacamole.properties file at /etc/guacamole.

In 0.9.13-incubating, if you downloaded the release from the website, then the default GUACAMOLE_HOME
will be the $HOME/.guacamole directory.  Double-check and make sure that's the Tomcat user's
home directory.  You can also change the GUACAMOLE_HOME via either the guacamole.home property
in Tomcat's catalina.properties file, or by setting the GUACAMOLE_HOME environment variable
before starting Tomcat.  This changes slightly in 0.9.14-incubating (git repo), with /etc/guacamole
becoming the fallback-default location.

If you have guacamole.properties in /etc/guacamole, and you can successfully change other
items in that file and see the changes take effect, then I believe your GUACAMOLE_HOME is
probably configured for /etc/guacamole, in which case your extensions should be in /etc/guacamole/extensions.
 So, you might try creating that directory, placing the LDAP extension there, and then restarting
Tomcat.

-Nick




Mime
View raw message