Re: Problems connecting to RDP server Weston with rdp backend

2022-01-11 Thread Fernando C . de Urien y Muñiz 
Hi! Thanks for your answer.
Just tried with "remmina/freeRDP" on ubuntu 20.04 (same as guacd box) and
it works.  I already tried to disable catching.

is there anyway to see the "settings" that remmina used to connect so I can
"set them up" in guacamole?

Thanks!
Fernando

El mié, 12 ene 2022 a las 3:07, Ivanmarcus ()
escribió:

>
> Fernando,
>
> I have zero experience of your remote environment, however perhaps you
> could try initially connecting direct with Remmina/FreeRDP (pref the
> same version as you're using for Guacamole)?
>
> If that works then try Guacamole again, specifically disabling all the
> caching options. It may also be worth experimenting with some different
> display settings (eg. true colour etc).
>
> If perchance a direct FreeRDP connection doesn't work I suspect
> Guacamole won't either, until whatever impediment is resolved. However
> in that instance it should narrow things down somewhat and hopefully
> make it a little easier to resolve.
>
> -
> To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
> For additional commands, e-mail: user-h...@guacamole.apache.org
>
>

Re: guacamole-server compilation error

2022-01-11 Thread Vieri 
 On Wednesday, January 12, 2022, 04:53:20 AM GMT+1, Mike Jumper 
 wrote: 

>
> Do you need guacenc? If not, you can disable that part of the build by
> passing the "--disable-guacenc" option to the configure script.
>
> The above build issue is specific to guacenc and newer FFMpeg. It's
> been fixed, but that fix is not part of 1.4.0:
> https://issues.apache.org/jira/browse/GUACAMOLE-1330

Yes, I need that feature - it's really useful although I can live without it 
for a while.
Nice to know that the GIT version compiles fine with newer ffmpeg versions.

Thanks,

Vieri

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: Guacamole update: on-screen keyboard and printing

2022-01-11 Thread Vieri 
 On Tuesday, January 11, 2022, 11:43:54 PM GMT+1, Mike Jumper 
 wrote: 

> Are you running a copy of the webapp that has been modified from the mainline 
> .war in any way?


No, these are the exact commands I run on my system:

# wget 
https://apache.org/dyn/closer.lua/guacamole/1.4.0/binary/guacamole-1.4.0.war?action=download
 -O HMANsq.war
# mv ./HMANsq.war /var/lib/tomcat-8.5-hman/webapps/HMANsg.war
# /etc/init.d/tomcat-8.5-hman restart
 * Stopping 'tomcat-8.5-hman' ...   
 [ ok ]
 * Starting tomcat-8.5-hman ... 
 [ ok ]

I can even send the "empty" PDF file that the client downloads if that can be 
of any help.

If I roll back to using the previous server printing to PDF works fine (I get a 
PDF with the right content).

Do you think the issue is in guacamole-client, guacamole-server or a dependency?

I was asking to test the intermediate output of gs because maybe that's where 
the problem is.
I haven't tried to manually generate a PDF with gs on the new system, but I 
guess I coudl try that for starters.

Vieri


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: guacamole-server compilation error

2022-01-11 Thread Mike Jumper 
On Tue, Jan 11, 2022 at 2:12 PM Vieri  wrote:
>
> Hi,
>
> When I try to build 
> https://apache.org/dyn/closer.lua/guacamole/1.4.0/source/guacamole-server-1.4.0.tar.gz?action=download
>  I get this error:
>
> x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../..-Werror -Wall 
> -I../../src/libguac  -O2 -pipe -c -o guacenc-instruction-cfill.o `test -f 
> 'instruction-cfill.c' || echo './'`instruction-cfill.c
> ffmpeg-compat.c: In function ‘guacenc_avcodec_encode_video’:
> ffmpeg-compat.c:140:5: error: ‘av_init_packet’ is deprecated 
> [-Werror=deprecated-declarations]
>   140 | av_init_packet();
>   | ^~
> In file included from /usr/include/libavcodec/bsf.h:30,
>  from /usr/include/libavcodec/avcodec.h:44,
>  from video.h:27,
>  from ffmpeg-compat.h:24,
>  from ffmpeg-compat.c:21:
> /usr/include/libavcodec/packet.h:488:6: note: declared here
>   488 | void av_init_packet(AVPacket *pkt);
>   |  ^~
>
>
> I have ffmpeg-4.4.1.
>
> This is a part of the configure script output:
>
> 
> guacamole-server version 1.4.0
> 
>...
>Services / tools:
>
>   guacd .. yes
>   guacenc  yes
>   guaclog  yes
>
>FreeRDP plugins: /usr/lib64/freerdp2
>Init scripts: no
>Systemd units: no
>
> Any clues?
>

Do you need guacenc? If not, you can disable that part of the build by
passing the "--disable-guacenc" option to the configure script.

The above build issue is specific to guacenc and newer FFMpeg. It's
been fixed, but that fix is not part of 1.4.0:
https://issues.apache.org/jira/browse/GUACAMOLE-1330

- Mike

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: Problems connecting to RDP server Weston with rdp backend

2022-01-11 Thread Ivanmarcus 



Fernando,

I have zero experience of your remote environment, however perhaps you 
could try initially connecting direct with Remmina/FreeRDP (pref the 
same version as you're using for Guacamole)?


If that works then try Guacamole again, specifically disabling all the 
caching options. It may also be worth experimenting with some different 
display settings (eg. true colour etc).


If perchance a direct FreeRDP connection doesn't work I suspect 
Guacamole won't either, until whatever impediment is resolved. However 
in that instance it should narrow things down somewhat and hopefully 
make it a little easier to resolve.


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: Guacamole update: on-screen keyboard and printing

2022-01-11 Thread Mike Jumper 
Are you running a copy of the webapp that has been modified from the
mainline .war in any way?

- Mike

On Tue, Jan 11, 2022, 09:10 Vieri  wrote:

> Hi,
>
> After 2+ years of Guacamole running fine with the same version (and
> dependencies) I decided it was time to update the whole system.
> So the new system has a new freerdp lib, a new tomcat (but still 8.5), new
> guacd, etc.
> The clients and the target systems however are the same.
>
> There are two major issues I've encountered.
>
> On a Linux client with Firefox 95.0.1 amd64 the on-screen keyboard is
> always there no matter which other "input method" I choose. This does not
> occur with Google Chrome.
>
> Printing to a virtual PDF device opens a valid PDF file with a blank page.
>
> The target RDP systems are Windows 10, 7 and Server 2012.
>
> Installing the WAR file from the older Guacamole server does not change
> this behavior.
>
> So I'm guessing the problem might be with either freerdp or guacd. At
> least as far as the second issue is concerned (printing).
>
> The guacd log doesn't display any errors:
>
> guacd[29594]: Device 0 (PDF local) connected successfully
> guacd[29594]: Ignoring printer cached configuration data
> guacd[29594]: Print job created
> guacd[29594]: Created PDF filter process PID=29882
> guacd[29594]: Reading output from filter process...
> guacd[29882]: Running gs
> guacd[29594]: Beginning print stream: (*test. Notepad).pdf
> guacd[29594]: Sending 474 byte(s) of filtered output.
> guacd[29594]: Sending 2156 byte(s) of filtered output.
> guacd[29594]: End of print stream.
> guacd[29594]: Print job completed.
> guacd[29594]: Print job closed
>
> I have ghostscript 9.55.0.
>
> Any clues?
>
> What can I try?
>
> Regards,
>
> Vieri
>
>
>
> -
> To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
> For additional commands, e-mail: user-h...@guacamole.apache.org
>
>

Re: Guacamole update: on-screen keyboard and printing

2022-01-11 Thread Vieri 
Can "Running gs" be more verbose?
I just want to make sure ghostscript is producing the right output.

I am running both 1.4.0 and GIT versions, and RDP printing (device redirection) 
is broken on my system.
Testing with latest Firefox and Chrome clients.

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

guacamole-server compilation error

2022-01-11 Thread Vieri 
Hi,

When I try to build 
https://apache.org/dyn/closer.lua/guacamole/1.4.0/source/guacamole-server-1.4.0.tar.gz?action=download
 I get this error:

x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I../..    -Werror -Wall 
-I../../src/libguac  -O2 -pipe -c -o guacenc-instruction-cfill.o `test -f 
'instruction-cfill.c' || echo './'`instruction-cfill.c
ffmpeg-compat.c: In function ‘guacenc_avcodec_encode_video’:
ffmpeg-compat.c:140:5: error: ‘av_init_packet’ is deprecated 
[-Werror=deprecated-declarations]
  140 | av_init_packet();
  | ^~
In file included from /usr/include/libavcodec/bsf.h:30,
 from /usr/include/libavcodec/avcodec.h:44,
 from video.h:27,
 from ffmpeg-compat.h:24,
 from ffmpeg-compat.c:21:
/usr/include/libavcodec/packet.h:488:6: note: declared here
  488 | void av_init_packet(AVPacket *pkt);
  |  ^~


I have ffmpeg-4.4.1.

This is a part of the configure script output:


guacamole-server version 1.4.0


   Library status:

 freerdp2  yes
 pango ... yes
 libavcodec .. yes
 libavformat.. yes
 libavutil ... yes
 libssh2 . yes
 libssl .. yes
 libswscale .. yes
 libtelnet ... yes
 libVNCServer  yes
 libvorbis ... yes
 libpulse  yes
 libwebsockets ... yes
 libwebp . yes
 wsock32 . no

   Protocol support:

  Kubernetes  yes
  RDP ... yes
  SSH ... yes
  Telnet  yes
  VNC ... yes

   Services / tools:

  guacd .. yes
  guacenc  yes
  guaclog  yes

   FreeRDP plugins: /usr/lib64/freerdp2
   Init scripts: no
   Systemd units: no

Any clues?

Vieri


-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Re: Building an extension module: guacamole-ext 1.4.0 not found

2022-01-11 Thread Nick Couchman 
On Tue, Jan 11, 2022 at 4:26 PM Dustin Lang  wrote:

> Hi Nick,
> Thanks for your reply.  Glad to hear that it's not just me...  I don't
> need anything specific from 1.4.0, just wanted to test it out before
> sending my extension around for comment.
> cheers,
> --dustin
>
>
I believe we're planning on releasing the missing Maven artifiact pretty
soon, so it should be fixed here in the next day or so.

-Nick

>

Re: Building an extension module: guacamole-ext 1.4.0 not found

2022-01-11 Thread Dustin Lang 
Hi Nick,
Thanks for your reply.  Glad to hear that it's not just me...  I don't need
anything specific from 1.4.0, just wanted to test it out before sending my
extension around for comment.
cheers,
--dustin


On Tue, Jan 11, 2022 at 4:22 PM Nick Couchman  wrote:

> On Tue, Jan 11, 2022 at 4:11 PM Dustin Lang  wrote:
>
>> Hi,
>>
>> I'm trying to update my custom authentication module to use 1.4.0.
>>
>> In my pom.xml I first tried just changing the 1.3.0 to 1.4.0, that didn't
>> work, then I re-read the manual (
>> https://guacamole.apache.org/doc/gug/custom-auth.html), copy-pasting the
>> suggested pom.xml, and that also fails.  If I edit the 1.4.0 to 1.3.0, it
>> works.
>>
>> Below, it looks like maven is looking for "guacamole-client" instead of
>> "guacamole-ext" ... I have no idea why that would be!  Nothing in my
>> directory contains the string "guacamole-client"  I tried removing my
>> ~/.m2 directory, no effect.  I'm new to all this, so apologies if this is
>> something naive I'm doing wrong.
>>
>>
> I think there's an issue that's been identified with Maven artifacts, and
> the guacamole-client one is missing. You can solve this in one of two ways:
> 1) Just use the 1.3.0 extension with the 1.4.0 Guacamole Client install -
> it should work, unless there's something specific from 1.4.0 that you're
> trying to leverage.
> 2) Build the entire Guacamole Client code on the system where you're
> trying to build that module, which should give you the JAR artifacts you
> need.
>
> -Nick
>

Re: Building an extension module: guacamole-ext 1.4.0 not found

2022-01-11 Thread Nick Couchman 
On Tue, Jan 11, 2022 at 4:11 PM Dustin Lang  wrote:

> Hi,
>
> I'm trying to update my custom authentication module to use 1.4.0.
>
> In my pom.xml I first tried just changing the 1.3.0 to 1.4.0, that didn't
> work, then I re-read the manual (
> https://guacamole.apache.org/doc/gug/custom-auth.html), copy-pasting the
> suggested pom.xml, and that also fails.  If I edit the 1.4.0 to 1.3.0, it
> works.
>
> Below, it looks like maven is looking for "guacamole-client" instead of
> "guacamole-ext" ... I have no idea why that would be!  Nothing in my
> directory contains the string "guacamole-client"  I tried removing my
> ~/.m2 directory, no effect.  I'm new to all this, so apologies if this is
> something naive I'm doing wrong.
>
>
I think there's an issue that's been identified with Maven artifacts, and
the guacamole-client one is missing. You can solve this in one of two ways:
1) Just use the 1.3.0 extension with the 1.4.0 Guacamole Client install -
it should work, unless there's something specific from 1.4.0 that you're
trying to leverage.
2) Build the entire Guacamole Client code on the system where you're trying
to build that module, which should give you the JAR artifacts you need.

-Nick

[SECURITY] CVE-2021-43999: Apache Guacamole: Improper validation of SAML responses

2022-01-11 Thread Mike Jumper 
Severity: high

Description:

Apache Guacamole 1.2.0 and 1.3.0 do not properly validate responses
received from a SAML identity provider. If SAML support is enabled,
this may allow a malicious user to assume the identity of another
Guacamole user.

Credit:

We would like to thank Finn Steglich (ETAS) for reporting this issue.

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

[SECURITY] CVE-2021-41767: Apache Guacamole: Private tunnel identifier may be included in the non-private details of active connections

2022-01-11 Thread Mike Jumper 
Severity: moderate

Description:

Apache Guacamole 1.3.0 and older may incorrectly include a private
tunnel identifier in the non-private details of some REST responses.
This may allow an authenticated user who already has permission to
access a particular connection to read from or interact with another
user's active use of that same connection.

Credit:

We would like to thank Damian Velardo (Australia and New Zealand
Banking Group) for reporting this issue.

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

Building an extension module: guacamole-ext 1.4.0 not found

2022-01-11 Thread Dustin Lang 
Hi,

I'm trying to update my custom authentication module to use 1.4.0.

In my pom.xml I first tried just changing the 1.3.0 to 1.4.0, that didn't
work, then I re-read the manual (
https://guacamole.apache.org/doc/gug/custom-auth.html), copy-pasting the
suggested pom.xml, and that also fails.  If I edit the 1.4.0 to 1.3.0, it
works.

Below, it looks like maven is looking for "guacamole-client" instead of
"guacamole-ext" ... I have no idea why that would be!  Nothing in my
directory contains the string "guacamole-client"  I tried removing my
~/.m2 directory, no effect.  I'm new to all this, so apologies if this is
something naive I'm doing wrong.

Thanks,
--dustin


$ mvn -U package
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by
com.google.inject.internal.cglib.core.$ReflectUtils$1
(file:/usr/share/maven/lib/guice.jar) to method
java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
WARNING: Please consider reporting this to the maintainers of
com.google.inject.internal.cglib.core.$ReflectUtils$1
WARNING: Use --illegal-access=warn to enable warnings of further illegal
reflective access operations
WARNING: All illegal access operations will be denied in a future release
[INFO] Scanning for projects...
[INFO]
[INFO] -< com.github.dstndstn.guacamole:guacamole-create-vnc
>-
[INFO] Building guacamole-create-vnc 1.4.0
[INFO] [ jar
]-
Downloading from central:
https://repo.maven.apache.org/maven2/org/apache/guacamole/guacamole-client/1.4.0/guacamole-client-1.4.0.pom
[INFO]

[INFO] BUILD FAILURE
[INFO]

[INFO] Total time:  0.778 s
[INFO] Finished at: 2022-01-11T15:53:58-05:00
[INFO]

[ERROR] Failed to execute goal on project guacamole-create-vnc: Could not
resolve dependencies for project
com.github.dstndstn.guacamole:guacamole-create-vnc:jar:1.4.0: Failed to
collect dependencies at org.apache.guacamole:guacamole-ext:jar:1.4.0:
Failed to read artifact descriptor for
org.apache.guacamole:guacamole-ext:jar:1.4.0: Could not find artifact
org.apache.guacamole:guacamole-client:pom:1.4.0 in central (
https://repo.maven.apache.org/maven2) -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e
switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions,
please read the following articles:
[ERROR] [Help 1]
http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException

Re: After Upgrade 1.3 to 1.4 no connection working

2022-01-11 Thread Nick Couchman 
On Tue, Jan 11, 2022 at 8:22 AM Luciano Oliveira 
wrote:

> I had the same problems...
>
> Unbelievable... Configure
>
> guacamole.properties with
>
> guacd-hostname: 127.0.0.1
>
> and guacd.conf with:
>
> [server]
> bind_host = 127.0.0.1
> bind_port = 4822
>
> here worked
>
>
This is due to IPv4 vs. IPv6 differences - depending on the version of
Linux, guacd may listen on IPv6 by default, and Tomcat tries to connect on
IPv4. Forcing one or the other to use IPv4 or IPv6 usually works - in this
case, the change forces guacd to listen on IPv4, and Tomcat can connect to
it.

-Nick

>

Guacamole update: on-screen keyboard and printing

2022-01-11 Thread Vieri 
Hi,

After 2+ years of Guacamole running fine with the same version (and 
dependencies) I decided it was time to update the whole system.
So the new system has a new freerdp lib, a new tomcat (but still 8.5), new 
guacd, etc.
The clients and the target systems however are the same.

There are two major issues I've encountered.

On a Linux client with Firefox 95.0.1 amd64 the on-screen keyboard is always 
there no matter which other "input method" I choose. This does not occur with 
Google Chrome.

Printing to a virtual PDF device opens a valid PDF file with a blank page.

The target RDP systems are Windows 10, 7 and Server 2012.

Installing the WAR file from the older Guacamole server does not change this 
behavior.

So I'm guessing the problem might be with either freerdp or guacd. At least as 
far as the second issue is concerned (printing).

The guacd log doesn't display any errors:

guacd[29594]: Device 0 (PDF local) connected successfully
guacd[29594]: Ignoring printer cached configuration data
guacd[29594]: Print job created
guacd[29594]: Created PDF filter process PID=29882
guacd[29594]: Reading output from filter process...
guacd[29882]: Running gs
guacd[29594]: Beginning print stream: (*test. Notepad).pdf
guacd[29594]: Sending 474 byte(s) of filtered output.
guacd[29594]: Sending 2156 byte(s) of filtered output.
guacd[29594]: End of print stream.
guacd[29594]: Print job completed.
guacd[29594]: Print job closed

I have ghostscript 9.55.0.

Any clues?

What can I try?

Regards,

Vieri



-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For additional commands, e-mail: user-h...@guacamole.apache.org

*LONG* Directly using SQL tables

2022-01-11 Thread Jim Rx 
Greetings, I have a question about updating the database contents directly. Sorry for the length of the email, just trying to cover all the bases.

 

Our environment is using Guacamole 1.3 on a dedicated VM (VMware ESXi, 4 CPU, 16Gb RAM), leveraging SQL and LDAP/Active Directory.

 

We support a training company that will generally bring in 20 students at a time for class, several times over the course of a year.

 

Right now, we use generic "Student123" accounts associated with prebuilt connections and everything runs great. But we want to move to having students use their named logins (which means we'll also have to remove those entries at the end of class). The process of getting everything set up is pretty manual, so I'm looking for a way to script everything.

 

All authentication is pointed at our Windows Domain Controller using LDAP.

 

I have used CSV files and SQL commands in the past to add new connections (entries into the connections and connection_parameter tables). Those always show up in the Web UI just fine. I have not had any luck adding entries into the table with user names (entities) or the table with connections (connection_permissions). The rows are added to the table, but do not appear in the Web UI (this is being done ahead of a class starting, so the users are in AD but they have never logged on any of our systems).

 

When using this method, user login attempts fail with no apparent log entries (I think I checked them all... /var/etc/tomcat9/ catalina.out, localhost_access_log.-MM-DD.txt, localhost.-MM-DD.log; /var/log/syslog, /var/log/messages, /var/log/nginx/guac_access.log guac_error.log ).

If I only add the connection information (nothing in the entity or permissions tables) then the user can log in successfully, but I have to go back and manually add their connection information. I'd like to keep from doing things manually as possible.

 

Below are the details of the configuration and the SQL commands I used in my attempts.

 

Thank you

 

Jim

 

/etc/guacamole/guacamole.properties looks like this:

guacd-hostname: localhost
guacd-port: 4822
user-mapping: /etc/guacamole/user-mapping.xml
auth-provider: net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider


# MySQL properties
mysql-hostname: localhost
mysql-port: 3306
mysql-database: guacamole_db
mysql-username: guacamole_user
mysql-password: $UPER$ecret
mysql-auto-create-accounts: true

# LDAP Properties
ldap-hostname: 10.0.0.10
ldap-port: 389
ldap-encryption-method: none
#ldap-user-base-dn: OU=them, DC=our, DC=net
ldap-user-base-dn: DC=our,DC=net
ldap-username-attribute: samAccountName
ldap-search-bind-dn: cn=SVC.GUACAMOLE, ou=Service Accounts, ou=Administration, dc=our, dc=net
ldap-search-bind-password: $UPER$ecret
#ldap-user-search-filter: (objectClass=user)(!(objectCategory=computer))
ldap-user-search-filter: (sAMAccountType=805306368)


The process that I attempted to use was as follows:

Create the required CSV files-

NEW_STUDENT_CONNECTION.csv:
284,NS-Linux-01,\N,rdp,\N,\N,\N,\N,\N,\N,0
285,NS-Linux-02,\N,rdp,\N,\N,\N,\N,\N,\N,0
286,NS-Linux-03,\N,rdp,\N,\N,\N,\N,\N,\N,0
287,NS-Linux-04,\N,rdp,\N,\N,\N,\N,\N,\N,0
314,NS-Windows-01,\N,rdp,\N,\N,\N,\N,\N,\N,0
315,NS-Windows-02,\N,rdp,\N,\N,\N,\N,\N,\N,0
316,NS-Windows-03,\N,rdp,\N,\N,\N,\N,\N,\N,0
317,NS-Windows-04,\N,rdp,\N,\N,\N,\N,\N,\N,0

 


NEW_STUDENT_CONNECTION_PARAMETERS.csv:
284,hostname,10.16.6.100
284,ignore-cert,true
284,port,3389
285,hostname,10.16.6.101
285,ignore-cert,true
285,port,3389
286,hostname,10.16.6.102
286,ignore-cert,true
286,port,3389
287,hostname,10.16.6.103
287,ignore-cert,true
287,port,3389
314,hostname,10.16.6.130
314,ignore-cert,true
314,port,3389
315,hostname,10.16.6.131
315,ignore-cert,true
315,port,3389
316,hostname,10.16.6.132
316,ignore-cert,true
316,port,3389
317,hostname,10.16.6.133
317,ignore-cert,true
317,port,3389

 

 

NEW_STUDENT_ENTITY.csv:
141,2299shenry,USER
142,2299sjones,USER
143,2299bsmith,USER
144,2299gstetson,USER

 

 

NEW_STUDENT_CONNECTION_PERMISSIONS.csv:
141,284,READ
141,314,READ
142,285,READ
142,315,READ
143,286,READ
143,316,READ
144,287,READ
144,317,READ


Once the files were in place on the server, I ran the following commands:

 

mysql -u root
use guacamole_db;
LOAD DATA INFILE '/tmp/NEW_STUDENT_CONNECTION.csv' INTO TABLE guacamole_connection FIELDS TERMINATED BY ',' LINES TERMINATED BY '\n';
LOAD DATA INFILE '/tmp/NEW_STUDENT_CONNECTION_PARAMETERS.csv' INTO TABLE guacamole_connection_parameter FIELDS TERMINATED BY ',' LINES TERMINATED BY '\n';
LOAD DATA INFILE '/tmp/NEW_STUDENT_ENTITY.csv' INTO TABLE guacamole_entity FIELDS TERMINATED BY ',' LINES TERMINATED BY '\n';
LOAD DATA INFILE '/tmp/NEW_STUDENT_CONNECTION_PERMISSIONS.csv' INTO TABLE guacamole_connection_permission FIELDS TERMINATED BY ',' LINES TERMINATED BY '\n';
exit;

 

-
To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org
For

Guacamole Group integration with MS Active Directory

2022-01-11 Thread Kevin Cameron 
Has any one done work with MS Active Directory and importing / associating 
users to groups so a user does not have to be manually added to a group?  I 
have my LDAP working to pull users and authenticate against AD but have not 
been able to figure out the group aspect.

Feedback, tips or examples would be super helpful!

Thanks,
Kevin

Kevin Cameron
Senior Cloud Orchestration Engineer

[https://apps.kinaxis.com/email-signature/images/Kinaxis-logo-150px.png]

O: +1 (343) 803-3972 | M: +1 (613) 850-3955

[https://apps.kinaxis.com/email-signature/images/icon-linkedin-32px-lightblue.png]
  
[https://apps.kinaxis.com/email-signature/images/icon-twitter-32px-lightblue.png]
    
[https://apps.kinaxis.com/email-signature/images/icon-facebook-32px-lightblue.png]
    
[https://apps.kinaxis.com/email-signature/images/icon-youtube-32px-lightblue.png]
    
[https://apps.kinaxis.com/email-signature/images/icon-instagram-32px-lightblue.png]
 
Follow Kinaxis on LinkedIn  for the 
latest supply chain insights.

Confidential. This email and any attachments hereto may contain private, 
confidential, and privileged material for the sole use of the addressee. Any 
review, copying, or distribution of this email (or any attachments thereto) by 
others is strictly prohibited. If you are not the intended recipient, please 
return this email to the sender immediately and permanently delete the original 
and any copies of this email and any of its attachments. Thank you.

RE: After Upgrade 1.3 to 1.4 no connection working

2022-01-11 Thread Mueller Florian | BMZ GmbH 
Thanks a lot. It´s working

In guacamole.properties the ip was set but the guacd.conf file was missing.


I had the same problems...

Unbelievable... Configure

guacamole.properties with

guacd-hostname: 127.0.0.1

and guacd.conf with:

[server]
bind_host = 127.0.0.1
bind_port = 4822

here worked



Hi,



Update from 1.3 to 1.4 went ok. No errors and all is starting but i cannot 
connect to any configured connections. I get error message that connection to 
guacamole server is closed because an internal error within guacamole server. I 
only see log entries in catalina.out.

[http-nio-8080-exec-1] ERROR o.a.g.w.GuacamoleWebSocketTunnelEndpoint - 
Creation of WebSocket tunnel to guacd failed: java.net.ConnectException: 
Verbindungsaufbau abgelehnt (Connection refused)

[info] 07:57:46.894 [http-nio-8080-exec-3] ERROR 
o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: 
java.net.ConnectException: Verbindungsaufbau abgelehnt (Connection refused)



Hope you could help

RE: After Upgrade 1.3 to 1.4 no connection working

2022-01-11 Thread Luciano Oliveira 
I had the same problems...

Unbelievable... Configure

guacamole.properties with

guacd-hostname: 127.0.0.1

and guacd.conf with:

[server]
bind_host = 127.0.0.1
bind_port = 4822

here worked


De: Mueller Florian | BMZ GmbH 
Enviado: terça-feira, 11 de janeiro de 2022 07:03
Para: user@guacamole.apache.org 
Assunto: After Upgrade 1.3 to 1.4 no connection working


Hi,



Update from 1.3 to 1.4 went ok. No errors and all is starting but i cannot 
connect to any configured connections. I get error message that connection to 
guacamole server is closed because an internal error within guacamole server. I 
only see log entries in catalina.out.

[http-nio-8080-exec-1] ERROR o.a.g.w.GuacamoleWebSocketTunnelEndpoint - 
Creation of WebSocket tunnel to guacd failed: java.net.ConnectException: 
Verbindungsaufbau abgelehnt (Connection refused)

[info] 07:57:46.894 [http-nio-8080-exec-3] ERROR 
o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: 
java.net.ConnectException: Verbindungsaufbau abgelehnt (Connection refused)



Hope you could help

After Upgrade 1.3 to 1.4 no connection working

2022-01-11 Thread Mueller Florian | BMZ GmbH 
Hi,

Update from 1.3 to 1.4 went ok. No errors and all is starting but i cannot 
connect to any configured connections. I get error message that connection to 
guacamole server is closed because an internal error within guacamole server. I 
only see log entries in catalina.out.
[http-nio-8080-exec-1] ERROR o.a.g.w.GuacamoleWebSocketTunnelEndpoint - 
Creation of WebSocket tunnel to guacd failed: java.net.ConnectException: 
Verbindungsaufbau abgelehnt (Connection refused)
[info] 07:57:46.894 [http-nio-8080-exec-3] ERROR 
o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: 
java.net.ConnectException: Verbindungsaufbau abgelehnt (Connection refused)

Hope you could help

Problems connecting to RDP server Weston with rdp backend

2022-01-11 Thread Fernando C . de Urien y Muñiz 
Hello,

We are using Guacamole to connect via RDP to a Weston Wayland component
that uses the "rdp backend"
The Guacamole client connects to the Weston but we can only see a black
screen. We suspect that the mouse input works despite not being able to see
it because when we randomly clicked the black screen, we were able to
launch apps.
We have tried different configurations but we could not get them to work.
Same config/installation works when connecting to Windows10 RDP and XRDP.
Other protocols as SSH work when connecting to the same box.
Using Microsoft client "mstsc.exe" works correctly.

Could someone help us? Any hints to check?

*Guacamole server:*
ubuntu 20.04
guacd 1.3.0
freerdp libraries: 2.2.0+dfsg1-0ubuntu0.20.04.2

*Guacamole client:*
guacamole client 1.3.0

*Server backend*
weston 9.0.91
wayland-protocols 1.24

*Guacd log when connecting to weston:*

Dec 17 11:18:46 ip-172-33-33-54 guacd[437236]: Creating new client for
protocol "rdp"
Dec 17 11:18:46 ip-172-33-33-54 guacd[437236]: Connection ID is
"$90917542-58fb-44af-8023-105171552fd7"
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Processing instruction: size
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Processing instruction: audio
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Processing instruction: video
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Processing instruction: image
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "console" omitted.
Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "console-audio"
omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "disable-auth"
omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Security mode: TLS
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: User resolution is 1024x768
at 96 DPI
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "dpi" omitted.
Using default value of 96.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Using resolution of 1024x768
at 96 DPI
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "read-only"
omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "client-name"
omitted. Using default value of "Guacamole RDP".
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "enable-wallpaper"
omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "enable-theming"
omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter
"enable-font-smoothing" omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter
"enable-full-window-drag" omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter
"enable-desktop-composition" omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter
"enable-menu-animations" omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter
"disable-bitmap-caching" omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter
"disable-offscreen-caching" omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter
"disable-glyph-caching" omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "color-depth"
omitted. Using default value of 16.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "disable-audio"
omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "enable-printing"
omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "printer-name"
omitted. Using default value of "Guacamole Printer".
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "enable-drive"
omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "drive-name"
omitted. Using default value of "Guacamole Filesystem".
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "drive-path"
omitted. Using default value of "".
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter
"create-drive-path" omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "disable-download"
omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "disable-upload"
omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "enable-sftp"
omitted. Using default value of 0.
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "sftp-hostname"
omitted. Using default value of "10.11.0.18".
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "sftp-port"
omitted. Using default value of "22".
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "sftp-username"
omitted. Using default value of "".
Dec 17 11:18:46 ip-172-33-33-54 guacd[437456]: Parameter "sftp-password"
omitted. Using default value of "".
Dec 17 11:18:46