Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 17AF7200D4A for ; Tue, 14 Nov 2017 01:28:18 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id B0CB8160C0A; Tue, 14 Nov 2017 00:28:12 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 82215160BF3 for ; Tue, 14 Nov 2017 01:28:11 +0100 (CET) Received: (qmail 60426 invoked by uid 500); 14 Nov 2017 00:28:00 -0000 Mailing-List: contact user-help@guacamole.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@guacamole.incubator.apache.org Delivered-To: mailing list user@guacamole.incubator.apache.org Received: (qmail 60416 invoked by uid 99); 14 Nov 2017 00:28:00 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Nov 2017 00:28:00 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id CF2C71A0BCC for ; Tue, 14 Nov 2017 00:27:59 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -3.001 X-Spam-Level: X-Spam-Status: No, score=-3.001 tagged_above=-999 required=6.31 tests=[HTML_MESSAGE=2, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id Zm9amCTWjOk3 for ; Tue, 14 Nov 2017 00:27:57 +0000 (UTC) Received: from amcrelay2.faa.gov (amcrelay2.faa.gov [162.58.35.115]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id 3BEFC5FB2D for ; Tue, 14 Nov 2017 00:27:56 +0000 (UTC) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A2GdAAA3OApa/yoA/MZbGQEBAQEBAQEBA?= =?us-ascii?q?QEBAQcBAQEBAYJEAUQsZIEVB44Wjy8vgU6RCIVIEIIBCh+BD4QNAoRlPxgBAQE?= =?us-ascii?q?BAQEBAQEDaCiCakdXAQEBAQEBASMCDSI7AQEBAQOBCQIBCA0EBAEBFwEBDwcyF?= =?us-ascii?q?AkIAgQTCId9gTlkBZ9xAopSg0ohAopuAQEBAQEBAQECAQEBAQEBAQEBAQEdCQG?= =?us-ascii?q?DKoIHgz6DKoRaCgESAQlMEgEFB4UjBYomh0KBcI5Sh2uHO4VVgn2JIIcujGiFS?= =?us-ascii?q?wGDQwICDQIagTkfOYEDbyoMSlhDgiEJglMcgWd3AYYbDRYCgQwBgRABAQE?= X-IronPort-AV: E=Sophos;i="5.44,392,1505797200"; d="scan'208,217";a="35185810" Received: from unknown (HELO 006-smtp-out.faa.gov) ([198.252.0.42]) by amcrelay2.faa.gov with ESMTP; 13 Nov 2017 18:27:53 -0600 Received: from SN1F00601MB029.006f.mgd2.msft.net (23.103.4.81) by 006FCH1MMR2-001.006f.mgd2.msft.net (198.252.0.42) with Microsoft SMTP Server (TLS) id 14.3.248.3; Tue, 14 Nov 2017 00:27:53 +0000 Received: from SN1F00601MB032.006f.mgd2.msft.net (23.103.4.84) by SN1F00601MB029.006f.mgd2.msft.net (23.103.4.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.20.156.9; Tue, 14 Nov 2017 00:27:52 +0000 Received: from SN1F00601MB032.006f.mgd2.msft.net ([23.103.4.84]) by SN1F00601MB032.006f.mgd2.msft.net ([23.103.4.84]) with mapi id 15.20.0156.009; Tue, 14 Nov 2017 00:27:52 +0000 From: To: Subject: Re: Configuring LDAP Thread-Topic: Configuring LDAP Thread-Index: AdNZm1CiP4Zu7R2zToG1rLZUZhNqDwAJvRcAAAB/GHEArn9sUAAAc6sAAAFkWvAACpw6gAAAdg8AAAOJ0KAAADGnAAAANh6gAAIkCoAABT9lIw== Date: Tue, 14 Nov 2017 00:27:51 +0000 Message-ID: <7695c19f48ca4e73908357a77c36b739@SN1F00601MB032.006f.mgd2.msft.net> References: <387178377b0148a8aaadcb071a9b3de3@SN1F00601MB032.006f.mgd2.msft.net> <786d6c2107b9440dba9c5eab4ce61657@SN1F00601MB032.006f.mgd2.msft.net> <34a3021828fa4d2fa2575ce2ea063bb9@SN1F00601MB032.006f.mgd2.msft.net> <4af3253940b74a9a94539e01c5852018@SN1F00601MB032.006f.mgd2.msft.net> <5e54f184f7124ca197b5c4c71b0c1e6e@SN1F00601MB032.006f.mgd2.msft.net>, In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [23.103.4.197] x-ms-publictraffictype: Email x-ms-traffictypediagnostic: SN1F00601MB029: Content-Type: multipart/alternative; boundary="_000_7695c19f48ca4e73908357a77c36b739SN1F00601MB032006fmgd2m_" MIME-Version: 1.0 archived-at: Tue, 14 Nov 2017 00:28:18 -0000 --_000_7695c19f48ca4e73908357a77c36b739SN1F00601MB032006fmgd2m_ Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable /var/log/tomcat/catalina.2017-11-13.log ________________________________ From: Mike Jumper Sent: Monday, November 13, 2017 4:56:23 PM To: user@guacamole.incubator.apache.org Subject: Re: Configuring LDAP Which log are these messages from? - Mike On Mon, Nov 13, 2017 at 12:55 PM, > wrote: OK, here goes: https://pastebin.com/Be35FaN6 Thanks, Harry From: Mike Jumper [mailto:mike.jumper@guac-dev.org] Sent: Monday, November 13, 2017 3:49 PM To: user@guacamole.incubator.apache.org Subject: Re: Configuring LDAP Don't send it to me directly off-list - things really need to be kept on-li= st. pastebin or a GitHub gist are decent choices. You could also paste the logs= directly into a new email. I don't recommend trying to attach the logs, as= attachments are sometimes filtered away. On Mon, Nov 13, 2017 at 12:44 PM, > wrote: Any place in particular? Not really sure where I can put something like th= at. Can I send it to you off-list? Thanks, Harry From: Mike Jumper [mailto:mike.jumper@guac-dev.org] Sent: Monday, November 13, 2017 2:02 PM To: user@guacamole.incubator.apache.org Subject: Re: Configuring LDAP Following a restart of Tomcat, can you post the entire Tomcat log somewhere= , at least the portion which follows that restart? - Mike On Mon, Nov 13, 2017 at 10:51 AM, > wrote: I tried to add GUACAMOLE_HOME=3D=94/etc/guacamole=94 into /etc/tomcat/tomca= t.conf and restarting Tomcat, but that didn=92t work. Instead of getting = =93Login failed=94 on the page, the page did nothing. So I backed that out= and restarted everything, and can=92t log in at all. I enter the guacadmi= n user and password and click Login, and nothing happens. I do see a succe= ssful login message in /var/log/messages, but the page doesn=92t redirect m= e anywhere any longer. Thanks, Harry From: Devine, Harry (FAA) Sent: Monday, November 13, 2017 8:49 AM To: user@guacamole.incubator.apache.org Subject: RE: Configuring LDAP Well, I tried moving the extensions to /etc/guacamole and restarting Tomcat= and guacamole, and I still don=92t see LDAP referenced in the logs. Where= do I set that in catalina.properties? That=92s my next step. Also, when = I try to log in, I do see the following error in the log (I masked out the = IP and the user name): Nov 13 08:32:28 access server: 08:32:28.177 [http-bio-8080-exec-1] WARN o.= a.g.r.auth.AuthenticationService - Authentication attempt from xxx.xxx.xxx.= xxx for user "user" failed. Thanks, Harry From: Nick Couchman [mailto:vnick@apache.org] Sent: Monday, November 13, 2017 8:05 AM To: user@guacamole.incubator.apache.org Subject: Re: Configuring LDAP On Mon, Nov 13, 2017 at 7:55 AM, > wrote: I just restarted Guacamole and Tomcat, and I don=92t see anything about LDA= P loading. I have the 0.9.13 LDAP extension at /usr/share/tomcat/.guacamol= e/extensions. Is that the proper directory for it? I=92m pretty sure that= =92s where the user guide said to put it. I also have the pertinent LDAP p= arameters set in the guacamole.properties file at /etc/guacamole. In 0.9.13-incubating, if you downloaded the release from the website, then = the default GUACAMOLE_HOME will be the $HOME/.guacamole directory. Double-= check and make sure that's the Tomcat user's home directory. You can also = change the GUACAMOLE_HOME via either the guacamole.home property in Tomcat'= s catalina.properties file, or by setting the GUACAMOLE_HOME environment va= riable before starting Tomcat. This changes slightly in 0.9.14-incubating = (git repo), with /etc/guacamole becoming the fallback-default location. If you have guacamole.properties in /etc/guacamole, and you can successfull= y change other items in that file and see the changes take effect, then I b= elieve your GUACAMOLE_HOME is probably configured for /etc/guacamole, in wh= ich case your extensions should be in /etc/guacamole/extensions. So, you m= ight try creating that directory, placing the LDAP extension there, and the= n restarting Tomcat. -Nick --_000_7695c19f48ca4e73908357a77c36b739SN1F00601MB032006fmgd2m_ Content-Type: text/html; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable /var/log/tomcat/catalina.2017-11-13.log
From: Mike Jumper <mike.= jumper@guac-dev.org>
Sent: Monday, November 13, 2017 4:56:23 PM
To: user@guacamole.incubator.apache.org
Subject: Re: Configuring LDAP
 
Which log are these messages from?

- Mike


On Mon, Nov 13, 2017 at 12:55 PM, <harry.dev= ine@faa.gov> wrote:

OK, here goes:  https://pastebi= n.com/Be35FaN6

 

Thanks,

Harry

 

From: Mike Jumper [mailto:mike.jumper@guac-dev.org]
Sent: Monday, November 13, 2017 3:49 PM


To: user@guacamole.incubator.apache.org
Subject: Re: Configuring LDAP

 

Don't send it to me directly off-list - things reall= y need to be kept on-list.

 

pastebin or a GitHub gist are decent choices. You co= uld also paste the logs directly into a new email. I don't recommend trying= to attach the logs, as attachments are sometimes filtered away.<= /u>

 

 

On Mon, Nov 13, 2017 at 12:44 PM, <harry.devine@faa.gov> wr= ote:

Any place in particular?  Not re= ally sure where I can put something like that.  Can I send it to you o= ff-list?

 

Thanks,

Harry

 

From: Mike Jumper [mailto:mike.jumper@guac-dev.org]
Sent: Monday, November 13, 2017 2:02 PM


To: user@guacamole.incubator.apache.org
Subject: Re: Configuring LDAP

 

Following a restart of Tomcat, can you post the enti= re Tomcat log somewhere, at least the portion which follows that restart?

 

- Mike

 

 

On Mon, Nov 13, 2017 at 10:51 AM, <harry.devine@faa.gov> wr= ote:

I tried to add GUACAMOLE_HOME=3D=94/e= tc/guacamole=94 into /etc/tomcat/tomcat.conf and restarting Tomcat, bu= t that didn=92t work.  Instead of getting =93Login failed=94 on the page, the page did nothing.  So I backed that out and restarte= d everything, and can=92t log in at all.  I enter the guacadmin user a= nd password and click Login, and nothing happens.  I do see a successf= ul login message in /var/log/messages, but the page doesn=92t redirect me anywhere any longer.

 

Thanks,

Harry

 

From: Devine, Harry (FAA)
Sent: Monday, November 13, 2017 8:49 AM
To: user@guacamole.incubator.apache.org
Subject: RE: Configuring LDAP

 

Well, I tried moving the extensions t= o /etc/guacamole and restarting Tomcat and guacamole, and I still don=92t s= ee LDAP referenced in the logs.  Where do I set that in catalina.properties?  That=92s my next step.  Also, when= I try to log in, I do see the following error in the log (I masked out the= IP and the user name):

 

Nov 13 08:32:28 access server: 08:32:= 28.177 [http-bio-8080-exec-1] WARN  o.a.g.r.auth.AuthenticationSe= rvice - Authentication attempt from xxx.xxx.xxx.xxx for user "user" failed.

 

Thanks,

Harry

 

From: Nick Couchman [mailto:vnick@apache.org]
Sent: Monday, November 13, 2017 8:05 AM
To: user@guacamole.incubator.apache.org
Subject: Re: Configuring LDAP

 

On Mon, Nov 13, 2017 at 7:55 AM, <harry.devine@faa.gov> wro= te:

I just restarted Guacamole and Tomcat= , and I don=92t see anything about LDAP loading.  I have the 0.9.13 LD= AP extension at /usr/share/tomcat/.guacamole/extensions.  Is that the proper directory for it?  I=92m pretty sure that=92s wher= e the user guide said to put it.  I also have the pertinent LDAP param= eters set in the guacamole.properties file at /etc/guacamole.=

 

In 0.9.13-incubating, if you downloaded the release = from the website, then the default GUACAMOLE_HOME will be the $HOME/.guacam= ole directory.  Double-check and make sure that's the Tomcat user's ho= me directory.  You can also change the GUACAMOLE_HOME via either the guacamole.home property in Tomcat's catalina= .properties file, or by setting the GUACAMOLE_HOME environment variable bef= ore starting Tomcat.  This changes slightly in 0.9.14-incubating (git = repo), with /etc/guacamole becoming the fallback-default location.

 

If you have guacamole.properties in /etc/guacamole, = and you can successfully change other items in that file and see the change= s take effect, then I believe your GUACAMOLE_HOME is probably configured fo= r /etc/guacamole, in which case your extensions should be in /etc/guacamole/extensions.  So, you might try= creating that directory, placing the LDAP extension there, and then restar= ting Tomcat.

 

-Nick

 

 


--_000_7695c19f48ca4e73908357a77c36b739SN1F00601MB032006fmgd2m_--