guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <harry.dev...@faa.gov>
Subject RE: Configuring LDAP
Date Tue, 21 Nov 2017 13:10:34 GMT
I set SELinux to permissive and put the LDAP extension back (its under /usr/share/tomcat/.guacamole/extensions),
restarted tomcat and guacd, and try to log in using an LDAP user.  I click Login and on the
Network tab, it shows tokens (/guacamole/api/tokens) as having a “pending” status.  Never
gets any further.

Harry

From: Nick Couchman [mailto:vnick@apache.org]
Sent: Monday, November 20, 2017 2:04 PM
To: user@guacamole.apache.org
Subject: Re: Configuring LDAP

On Mon, Nov 20, 2017 at 1:52 PM, <harry.devine@faa.gov<mailto:harry.devine@faa.gov>>
wrote:
We’re using Red Hat Enterprise Linux 7.4 with SELinux set to enforcing.  I disabled the
LDAP extension and just used MySQL for the guacadmin user and could log in.  I do see the
following information in /var/log/messages:


This sounds like the server-side, but are you able to temporarily disable SELinux (set it
to permissive mode, "setenforce 0") and then restart Tomcat and see if it works with LDAP?
I'm not suggesting this as a long-term fix, just long enough to validate whether SELinux is,
indeed, blocking LDAP traffic, or if it's still something else?

-Nick
Mime
View raw message