OK, here goes: https://pastebin.com/Be35FaN6
Thanks, Harry From: Mike Jumper [mailto:mike.jum...@guac-dev.org] Sent: Monday, November 13, 2017 3:49 PM To: user@guacamole.incubator.apache.org Subject: Re: Configuring LDAP Don't send it to me directly off-list - things really need to be kept on-list. pastebin or a GitHub gist are decent choices. You could also paste the logs directly into a new email. I don't recommend trying to attach the logs, as attachments are sometimes filtered away. On Mon, Nov 13, 2017 at 12:44 PM, <harry.dev...@faa.gov<mailto:harry.dev...@faa.gov>> wrote: Any place in particular? Not really sure where I can put something like that. Can I send it to you off-list? Thanks, Harry From: Mike Jumper [mailto:mike.jum...@guac-dev.org<mailto:mike.jum...@guac-dev.org>] Sent: Monday, November 13, 2017 2:02 PM To: user@guacamole.incubator.apache.org<mailto:user@guacamole.incubator.apache.org> Subject: Re: Configuring LDAP Following a restart of Tomcat, can you post the entire Tomcat log somewhere, at least the portion which follows that restart? - Mike On Mon, Nov 13, 2017 at 10:51 AM, <harry.dev...@faa.gov<mailto:harry.dev...@faa.gov>> wrote: I tried to add GUACAMOLE_HOME=”/etc/guacamole” into /etc/tomcat/tomcat.conf and restarting Tomcat, but that didn’t work. Instead of getting “Login failed” on the page, the page did nothing. So I backed that out and restarted everything, and can’t log in at all. I enter the guacadmin user and password and click Login, and nothing happens. I do see a successful login message in /var/log/messages, but the page doesn’t redirect me anywhere any longer. Thanks, Harry From: Devine, Harry (FAA) Sent: Monday, November 13, 2017 8:49 AM To: user@guacamole.incubator.apache.org<mailto:user@guacamole.incubator.apache.org> Subject: RE: Configuring LDAP Well, I tried moving the extensions to /etc/guacamole and restarting Tomcat and guacamole, and I still don’t see LDAP referenced in the logs. Where do I set that in catalina.properties? That’s my next step. Also, when I try to log in, I do see the following error in the log (I masked out the IP and the user name): Nov 13 08:32:28 access server: 08:32:28.177 [http-bio-8080-exec-1] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from xxx.xxx.xxx.xxx for user "user" failed. Thanks, Harry From: Nick Couchman [mailto:vn...@apache.org] Sent: Monday, November 13, 2017 8:05 AM To: user@guacamole.incubator.apache.org<mailto:user@guacamole.incubator.apache.org> Subject: Re: Configuring LDAP On Mon, Nov 13, 2017 at 7:55 AM, <harry.dev...@faa.gov<mailto:harry.dev...@faa.gov>> wrote: I just restarted Guacamole and Tomcat, and I don’t see anything about LDAP loading. I have the 0.9.13 LDAP extension at /usr/share/tomcat/.guacamole/extensions. Is that the proper directory for it? I’m pretty sure that’s where the user guide said to put it. I also have the pertinent LDAP parameters set in the guacamole.properties file at /etc/guacamole. In 0.9.13-incubating, if you downloaded the release from the website, then the default GUACAMOLE_HOME will be the $HOME/.guacamole directory. Double-check and make sure that's the Tomcat user's home directory. You can also change the GUACAMOLE_HOME via either the guacamole.home property in Tomcat's catalina.properties file, or by setting the GUACAMOLE_HOME environment variable before starting Tomcat. This changes slightly in 0.9.14-incubating (git repo), with /etc/guacamole becoming the fallback-default location. If you have guacamole.properties in /etc/guacamole, and you can successfully change other items in that file and see the changes take effect, then I believe your GUACAMOLE_HOME is probably configured for /etc/guacamole, in which case your extensions should be in /etc/guacamole/extensions. So, you might try creating that directory, placing the LDAP extension there, and then restarting Tomcat. -Nick