We have mysql-connector-j-8.0.32.jar on our system and it works great with MariaDB 10.5.22
Note: we didn't install from an RPM but rather just downloaded and copied the jar file directly into /etc/guacamole/lib/ - perhaps guacamole is not finding the jar file where the RPM installs it. ________________________________ From: Devine, Harry (FAA) <harry.dev...@faa.gov.INVALID> Sent: Wednesday 17 January 2024 15:06 To: user@guacamole.apache.org <user@guacamole.apache.org> Subject: RE: Issue logging in locally as guacadmin on new install Any thoughts on this? I still can’t log in with guacadmin, but can log in with an LDAP user. I’ll need the local guacadmin user to be able to log in moving forward, and whatever the solution turns out to be for this, I’ll need to update my Ansible role so future Guacamole installations behave as intended. Thanks, Harry From: Devine, Harry (FAA) <harry.dev...@faa.gov.INVALID> Sent: Thursday, January 11, 2024 3:20 PM To: user@guacamole.apache.org Subject: RE: Issue logging in locally as guacadmin on new install I do have the “mysql-connector-j-8.0.33-1.el8.noarch.rpm” file as part of my Ansible role, and that gets installed as part of the playbook execution. Could it be that this is not the correct connector for MariaDB on RHEL 8? Thanks, Harry From: Devine, Harry (FAA) <harry.dev...@faa.gov.INVALID<mailto:harry.dev...@faa.gov.INVALID>> Sent: Thursday, January 11, 2024 3:14 PM To: user@guacamole.apache.org<mailto:user@guacamole.apache.org> Subject: Issue logging in locally as guacadmin on new install I have a playbook that installs Guacamole for me. I’ve been refining it for a few days and it’s finally just-about working, but the last thing left to get working is to log in as the local guacadmin user. I have the JDBC and LDAP jar files installed under /usr/share/tomcat/.guacamole/extensions, and the LDAP file loads, but the JDBC will not: Jan 11 15:05:05 guac-test server[242104]: 15:05:05.785 [main] INFO o.a.g.extension.ExtensionModule - - [mysql] "MySQL Authentication" (/usr/share/tomcat/.guacamole/extensions/guacamole-auth-jdbc-mysql-1.5.4.jar) Jan 11 15:05:05 guac-test server[242104]: 15:05:05.785 [main] INFO o.a.g.extension.ExtensionModule - - [ldap] "LDAP Authentication" (/usr/share/tomcat/.guacamole/extensions/guacamole-auth-ldap-1.5.4.jar) Jan 11 15:05:05 guac-test server[242104]: 15:05:05.785 [main] INFO o.a.g.extension.ExtensionModule - - [tsose] "Guac-Test" (/usr/share/tomcat/.guacamole/extensions/tsose.jar) Jan 11 15:05:05 guac-test server[242104]: 15:05:05.785 [main] INFO o.a.g.extension.ExtensionModule - To change this order, set the "extension-priority" property or rename the extension files. The default priority of extensions is dictated by the sort order of their filenames. Jan 11 15:05:05 guac-test server[242104]: 15:05:05.797 [main] ERROR o.a.g.extension.ProviderFactory - authentication provider extension failed to start: No JDBC driver for MySQL/MariaDB is installed. Jan 11 15:05:05 guac-test server[242104]: 15:05:05.798 [main] ERROR o.a.g.extension.ProviderFactory - authentication provider extension failed to start: No JDBC driver for MySQL/MariaDB is installed. Jan 11 15:05:05 guac-test server[242104]: 15:05:05.834 [main] INFO o.a.g.extension.ExtensionModule - Extension "MySQL Authentication" (mysql) loaded. Jan 11 15:05:05 guac-test server[242104]: 15:05:05.968 [main] WARN o.a.g.e.LanguageResourceService - Overlay language resource "de" does not exist. Jan 11 15:05:05 guac-test server[242104]: 15:05:05.970 [main] INFO o.a.g.extension.ExtensionModule - Extension "LDAP Authentication" (ldap) loaded. Jan 11 15:05:05 guac-test server[242104]: 15:05:05.990 [main] INFO o.a.g.extension.ExtensionModule - Extension "Guac-Test" (tsose) loaded. When I attempt to log in as guacadmin then as an LDAP user, the LDAP user works but not guacadmin (I redacted the LDAP server name and internal IPs): Jan 11 15:06:53 guac-test server[242104]: 15:06:53.904 [http-nio-8080-exec-3] WARN o.a.g.e.AuthenticationProviderFacade - Authentication attempt ignored because the relevant authentication provider could not be loaded. Please check for errors earlier in the logs. Jan 11 15:06:53 guac-test server[242104]: 15:06:53.904 [http-nio-8080-exec-3] WARN o.a.g.e.AuthenticationProviderFacade - Authentication attempt ignored because the relevant authentication provider could not be loaded. Please check for errors earlier in the logs. Jan 11 15:06:58 guac-test server[242104]: 15:06:58.885 [http-nio-8080-exec-2] WARN o.a.g.e.AuthenticationProviderFacade - Authentication attempt ignored because the relevant authentication provider could not be loaded. Please check for errors earlier in the logs. Jan 11 15:06:58 guac-test server[242104]: 15:06:58.892 [http-nio-8080-exec-2] INFO o.a.g.a.l.AuthenticationProviderService - Unable to determine DN of user "guacadmin" using LDAP server "ldap1". Proceeding with next server... Jan 11 15:06:58 guac-test server[242104]: 15:06:58.892 [http-nio-8080-exec-2] INFO o.a.g.a.l.AuthenticationProviderService - User "guacadmin" did not successfully authenticate against any LDAP server. Jan 11 15:06:58 guac-test server[242104]: 15:06:58.892 [http-nio-8080-exec-2] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user "guacadmin" failed. Any thoughts on what I could have misconfigured? Thanks, Harry Harry Devine Secure-OSE System Administrator Red Hat Certified System Administrator (RHCSA) Work: (609) 485-4218 FAA Cell: (609) 612-7274 Home Office/Telework: (609) 547-3579 IT Solutions Email Disclaimer - The information contained in this email message, including any files transmitted with it, is confidential and may be legally privileged. This e-mail is intended only for the personal attention of the stated addressee(s). Any access to this email, including any files transmitted with it, by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the accuracy or completeness of the information contained in this email or any files transmitted with it. If you have received this email in error, please inform the sender immediately and delete it and all copies from your system. You may not forward this email without the permission of the authorised sender. The views expressed in this email are those of the author, and do not necessarily represent the views of IT Solutions or its affiliates. Internet communications are not secure and IT Solutions cannot therefore accept legal responsibility for the contents of this message nor for any damage caused by viruses. This email has been scanned at the originating end. For further information on IT Solutions visit https://www.itsolutions.ie
