RE: ldap question

2018-10-22 Thread Angel Elena
-Original message-
From: Mike Jumper
Sent: Mon 22-10-2018 21:01
Subject: Re: ldap question
To: user@guacamole.apache.org;
> On Mon, Oct 22, 2018 at 11:46 AM Angel Elena <cr...@craem.net> wrote:
> ...
> > 
> > # zeus, craem.net
> > dn: cn=zeus,dc=craem,dc=net
> > objectClass: guacConfigGroup
> > objectClass: groupOfNames
> > cn: zeus server
> > cn: zeus
> > guacConfigProtocol: ssh
> > guacConfigParameter: hostname=zeus
> > guacConfigParameter: port=22
> > member: cn=angel,ou=zarafa-users,dc=craem,dc=net
> > 
> > 
> > 
> > According to what you've posted, the DN of this user is "cn=Angel
> > Elena,cn=zarafa-users,dc=craem,dc=net", not "cn=angel,ou=...". The DN
> > specified in the member attribute here will not match.
> > 
> > - Mike
> > 
> > 
> 
> Ok, I try with another user:
> 
> root@asterisk:~# ldapsearch -h localhost -p 389 -x -b "dc=craem,dc=net"
> 
> # convidat, zarafa-users, craem.net
> dn: cn=convidat,cn=zarafa-users,dc=craem,dc=net
> givenName: convidat
> sn: guifi
> cn: convidat
> uid: convidat
> uidNumber: 1027
> gidNumber: 500
> homeDirectory: /home/users/convidat
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: top
> objectClass: radiusprofile
> dialupAccess: 1
> 
> 
> # zeus, craem.net
> dn: cn=zeus,dc=craem,dc=net
> objectClass: guacConfigGroup
> objectClass: groupOfNames
> cn: zeus server
> cn: zeus
> guacConfigProtocol: ssh
> guacConfigParameter: hostname=zeus
> guacConfigParameter: port=22
> member: cn=convidat,cn=zarafa-users,dc=craem,dc=net
> member: cn=Angel Elena,cn=zarafa-users,dc=craem,dc=net
> 
> 
> With the same result no servers displayed, but I can log in.
> 
> dn (distinguished name) = convidat  I think that all data is correct.
> 
> 
> 
> You will also need to specify the "ldap-config-base-dn" property. I don't see
> this property in your earlier posts of your guacamole.properties. From the
> section of the Guacamole manual covering installation and configuration of
> LDAP support:
> 
> "ldap-config-base-dn
> The base of the DN for all Guacamole configurations. This property is
> optional. If omitted, the configurations of Guacamole connections will simply
> not be queried from the LDAP directory. ..."
> 
> See: http://guacamole.apache.org/doc/gug/ldap-auth.html
> 
> - Mike
> 

OMG !! Works !!!

added ldap-config-base-dn: DC=craem,DC=net and works fine!


Thanks Mike for your time ;)

Re: ldap question

2018-10-22 Thread Mike Jumper
On Mon, Oct 22, 2018 at 11:46 AM Angel Elena  wrote:

> ...
> >
> > # zeus, craem.net 
> > dn: cn=zeus,dc=craem,dc=net
> > objectClass: guacConfigGroup
> > objectClass: groupOfNames
> > cn: zeus server
> > cn: zeus
> > guacConfigProtocol: ssh
> > guacConfigParameter: hostname=zeus
> > guacConfigParameter: port=22
> > member: cn=angel,ou=zarafa-users,dc=craem,dc=net
> >
> >
> >
> > According to what you've posted, the DN of this user is "cn=Angel
> > Elena,cn=zarafa-users,dc=craem,dc=net", not "cn=angel,ou=...". The DN
> > specified in the member attribute here will not match.
> >
> > - Mike
> >
> >
>
> Ok, I try with another user:
>
> root@asterisk:~# ldapsearch -h localhost -p 389 -x -b "dc=craem,dc=net"
>
> # convidat, zarafa-users, craem.net
> dn: cn=convidat,cn=zarafa-users,dc=craem,dc=net
> givenName: convidat
> sn: guifi
> cn: convidat
> uid: convidat
> uidNumber: 1027
> gidNumber: 500
> homeDirectory: /home/users/convidat
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: top
> objectClass: radiusprofile
> dialupAccess: 1
>
>
> # zeus, craem.net
> dn: cn=zeus,dc=craem,dc=net
> objectClass: guacConfigGroup
> objectClass: groupOfNames
> cn: zeus server
> cn: zeus
> guacConfigProtocol: ssh
> guacConfigParameter: hostname=zeus
> guacConfigParameter: port=22
> member: cn=convidat,cn=zarafa-users,dc=craem,dc=net
> member: cn=Angel Elena,cn=zarafa-users,dc=craem,dc=net
>
>
> With the same result no servers displayed, but I can log in.
>
> dn (distinguished name) = convidat  I think that all data is correct.
>
>
You will also need to specify the "ldap-config-base-dn" property. I don't
see this property in your earlier posts of your guacamole.properties. From
the section of the Guacamole manual covering installation and configuration
of LDAP support:

"ldap-config-base-dn
The base of the DN for all Guacamole configurations. This property is
optional. If omitted, the configurations of Guacamole connections will
simply not be queried from the LDAP directory. ..."

See: http://guacamole.apache.org/doc/gug/ldap-auth.html

- Mike
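
The two causes identified in this thread (a `member` value that is not the user's exact DN, and a missing `ldap-config-base-dn`) can be checked offline from saved `ldapsearch` output and the contents of `guacamole.properties`. This is an added example, not code from the thread or from the Guacamole project; `parse_ldif`, `norm_dn` and `audit` are hypothetical helper names, the sample data is constructed, and DN comparison is simplified (case-insensitive, no escaped commas, base64-encoded values skipped).

```python
import re

# Constructed sample input, modelled on the ldapsearch output quoted in this thread.
SAMPLE_LDIF = """\
dn: cn=Angel Elena,cn=zarafa-users,dc=craem,dc=net
uid: angel

dn: cn=convidat,cn=zarafa-users,dc=craem,dc=net
uid: convidat

dn: cn=zeus,dc=craem,dc=net
objectClass: guacConfigGroup
member: cn=angel,ou=zarafa-users,dc=craem,dc=net
member: cn=convidat,cn=zarafa-users,
 dc=craem,dc=net
"""
SAMPLE_PROPERTIES = "guacd-hostname: localhost\nguacd-port: 4822\n"


def parse_ldif(text):
    """Parse ldapsearch LDIF into a list of {attribute_lowercase: [values]}."""
    entries = []
    for block in text.replace("\n ", "").split("\n\n"):  # unfold lines, split entries
        entry = {}
        for line in block.splitlines():
            # Comments and base64/URL values ("attr:: ...", "attr:< ...") are skipped.
            m = re.match(r"([\w;.-]+):(?![:<])\s*(.*)", line)
            if m:
                entry.setdefault(m.group(1).lower(), []).append(m.group(2).strip())
        if "dn" in entry:
            entries.append(entry)
    return entries


def norm_dn(dn):
    """Simplified DN comparison key (assumes no escaped commas inside RDN values)."""
    return ",".join("=".join(part.strip() for part in rdn.split("=", 1))
                    for rdn in dn.lower().split(","))


def audit(ldif_text, properties_text):
    """Return reasons why LDAP-stored connections would not be shown to a user."""
    props = dict(re.findall(r"^[ \t]*([\w-]+)[ \t]*[:=][ \t]*(.*?)[ \t]*$", properties_text, re.M))
    base = props.get("ldap-config-base-dn")
    findings = [] if base else [
        "ldap-config-base-dn is not set: connections are not queried from LDAP"]
    entries = parse_ldif(ldif_text)
    known = {norm_dn(e["dn"][0]) for e in entries}
    for group in entries:
        if "guacconfiggroup" not in (c.lower() for c in group.get("objectclass", [])):
            continue
        dn = group["dn"][0]
        if base and not ("," + norm_dn(dn)).endswith("," + norm_dn(base)):
            findings.append(f"{dn}: outside ldap-config-base-dn '{base}'")
        for member in group.get("member", []):
            if norm_dn(member) in known:
                continue
            # Hint: an entry whose uid or cn equals the first RDN value of the bad DN.
            key = norm_dn(member).split(",")[0].split("=", 1)[-1]
            hint = [e["dn"][0] for e in entries
                    if key in (v.lower() for v in e.get("uid", []) + e.get("cn", []))]
            findings.append(f"{dn}: member '{member}' matches no entry DN"
                            + (f"; did you mean '{hint[0]}'?" if hint else ""))
    return findings
```

Calling `audit(SAMPLE_LDIF, SAMPLE_PROPERTIES)` reports both problems from the thread; an empty list means neither is present in the files checked.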


RE: ldap question

2018-10-22 Thread Angel Elena
-Original message-
From: Mike Jumper
Sent: Mon 22-10-2018 17:49
Subject: Re: ldap question
To: user@guacamole.apache.org;
> On Mon, Oct 22, 2018 at 8:04 AM Angel Elena <cr...@craem.net> wrote:
> -Original message-
> From: Mike Jumper <mjum...@apache.org>
> Sent: Mon 22-10-2018 16:59
> Subject: Re: ldap question
> To: user@guacamole.apache.org;
> > On Mon, Oct 22, 2018, 07:57 Angel Elena <cr...@craem.net> wrote:
> > Hi Mike, thanks for the info.
> > 
> > I removed the config lines and local auth works now and the openLdap auth
> > works also, but when I log in with the username angel (ldap), no servers
> > are displayed.
> > 
> > 
> > Where are your connections stored? In LDAP? In a database?
> > 
> > - Mike
> > 
> > 
> 
> The connections are stored in ldap server:
> 
> root@asterisk:~# ldapsearch -h localhost -p 389 -x -b "dc=craem,dc=net" 
> 
> .
> .
> .
> .
> 
> # zeus, craem.net
> dn: cn=zeus,dc=craem,dc=net
> objectClass: guacConfigGroup
> objectClass: groupOfNames
> cn: zeus server
> cn: zeus
> guacConfigProtocol: ssh
> guacConfigParameter: hostname=zeus
> guacConfigParameter: port=22
> member: cn=angel,ou=zarafa-users,dc=craem,dc=net
> 
> 
> 
> According to what you've posted, the DN of this user is "cn=Angel
> Elena,cn=zarafa-users,dc=craem,dc=net", not "cn=angel,ou=...". The DN
> specified in the member attribute here will not match.
> 
> - Mike
> 
> 

Ok, I try with another user:

root@asterisk:~# ldapsearch -h localhost -p 389 -x -b "dc=craem,dc=net"

# convidat, zarafa-users, craem.net
dn: cn=convidat,cn=zarafa-users,dc=craem,dc=net
givenName: convidat
sn: guifi
cn: convidat
uid: convidat
uidNumber: 1027
gidNumber: 500
homeDirectory: /home/users/convidat
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: radiusprofile
dialupAccess: 1


# zeus, craem.net
dn: cn=zeus,dc=craem,dc=net
objectClass: guacConfigGroup
objectClass: groupOfNames
cn: zeus server
cn: zeus
guacConfigProtocol: ssh
guacConfigParameter: hostname=zeus
guacConfigParameter: port=22
member: cn=convidat,cn=zarafa-users,dc=craem,dc=net
member: cn=Angel Elena,cn=zarafa-users,dc=craem,dc=net


With the same result no servers displayed, but I can log in.

dn (distinguished name) = convidat  I think that all data is correct.


Thanks

Re: ldap question

2018-10-22 Thread Mike Jumper
On Mon, Oct 22, 2018 at 8:04 AM Angel Elena  wrote:

> -Original message-
> From: Mike Jumper
> Sent: Mon 22-10-2018 16:59
> Subject: Re: ldap question
> To: user@guacamole.apache.org;
> > On Mon, Oct 22, 2018, 07:57 Angel Elena <cr...@craem.net> wrote:
> > Hi Mike, thanks for the info.
> >
> > I removed the config lines and local auth works now and the openLdap
> > auth works also, but when I log in with the username angel (ldap), no
> > servers are displayed.
> >
> >
> > Where are your connections stored? In LDAP? In a database?
> >
> > - Mike
> >
> >
>
> The connections are stored in ldap server:
>
> root@asterisk:~# ldapsearch -h localhost -p 389 -x -b "dc=craem,dc=net"
>
> .
> .
> .
> .
>
> # zeus, craem.net
> dn: cn=zeus,dc=craem,dc=net
> objectClass: guacConfigGroup
> objectClass: groupOfNames
> cn: zeus server
> cn: zeus
> guacConfigProtocol: ssh
> guacConfigParameter: hostname=zeus
> guacConfigParameter: port=22
> member: cn=angel,ou=zarafa-users,dc=craem,dc=net
>
>
According to what you've posted, the DN of this user is "cn=Angel
Elena,cn=zarafa-users,dc=craem,dc=net", not "cn=angel,ou=...". The DN
specified in the member attribute here will not match.

- Mike


RE: ldap question

2018-10-22 Thread Angel Elena
-Original message-
From: Mike Jumper
Sent: Mon 22-10-2018 16:59
Subject: Re: ldap question
To: user@guacamole.apache.org;
> On Mon, Oct 22, 2018, 07:57 Angel Elena <cr...@craem.net> wrote:
> Hi Mike, thanks for the info.
> 
> I removed the config lines and local auth works now and the openLdap auth
> works also, but when I log in with the username angel (ldap), no servers
> are displayed.
> 
> 
> Where are your connections stored? In LDAP? In a database?
> 
> - Mike
> 
> 

The connections are stored in ldap server:

root@asterisk:~# ldapsearch -h localhost -p 389 -x -b "dc=craem,dc=net" 

.
.
.
.

# zeus, craem.net
dn: cn=zeus,dc=craem,dc=net
objectClass: guacConfigGroup
objectClass: groupOfNames
cn: zeus server
cn: zeus
guacConfigProtocol: ssh
guacConfigParameter: hostname=zeus
guacConfigParameter: port=22
member: cn=angel,ou=zarafa-users,dc=craem,dc=net

.
.
.
.
.

# Angel Elena, zarafa-users, craem.net
dn: cn=Angel Elena,cn=zarafa-users,dc=craem,dc=net
givenName:: .z
sn: Elena
uid: angel
uidNumber: 1001
gidNumber: 500
zarafaAccount: 1
dialupAccess: 1
zarafaAdmin: 1
mobile: 616028799
homeDirectory: /home/angel
radiusFramedProtocol: PPP
radiusServiceType: Framed-User
radiusFramedCompression: Van-Jacobsen-TCP-IP
zarafaQuotaHard: 3000
zarafaQuotaWarn: 2000
zarafaQuotaSoft: 2500
zarafaQuotaOverride: 0
mail: cr...@craem.net
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: zarafa-user
objectClass: radiusprofile
objectClass: zarafa-group
objectClass: person
objectClass: organizationalPerson
cn: Angel Elena
cn: angel


.
.
.
.



And the schema:

root@asterisk:~# ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=schema,cn=config dn
dn: cn=schema,cn=config

dn: cn={0}core,cn=schema,cn=config

dn: cn={1}cosine,cn=schema,cn=config

dn: cn={2}nis,cn=schema,cn=config

dn: cn={3}inetorgperson,cn=schema,cn=config

dn: cn={4}zarafa,cn=schema,cn=config

dn: cn={5}radius,cn=schema,cn=config

dn: cn={6}guacConfigGroup,cn=schema,cn=config

root@asterisk:~#

Re: ldap question

2018-10-22 Thread Mike Jumper
On Mon, Oct 22, 2018, 07:57 Angel Elena  wrote:

> Hi Mike, thanks for the info.
>
> I removed the config lines and local auth works now and the openLdap auth
> works also, but when I log in with the username angel (ldap), no servers
> are displayed.
>

Where are your connections stored? In LDAP? In a database?

- Mike


RE: ldap question

2018-10-22 Thread Angel Elena
Hi Mike, thanks for the info.

I removed the config lines and local auth works now and the openLdap auth works
also, but when I log in with the username angel (ldap), no servers are displayed.


16:54:13.737 [http-nio-8080-exec-3] INFO  o.a.g.r.auth.AuthenticationService - User "angel" successfully authenticated from 10.138.4.10.

To: user@guacamole.apache.org;
> On Mon, Oct 22, 2018, 07:23 Angel Elena wrote:
> Hi!!!
> 
> I upgrade from 0.9.9 to 0.9.14, but I have the same issue:
> 
> /etc/guacamole/guacamole.properties
> 
> # Hostname and port of guacamole proxy
> guacd-hostname: localhost
> guacd-port: 4822
> 
> # Auth provider class (authenticates user/pass combination, needed if using
> the provided login screen)
> auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
> auth-provider: net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider
> 
> 
> The auth-provider property has been deprecated since 0.9.7 and was finally 
> removed in 0.9.10-incubating:
> 
> http://guacamole.apache.org/releases/0.9.10-incubating/#deprecation--compatibility-notes
> 
> Using that property will have no effect. You should remove it.
> 
> lib-directory: extensions
> 
> 
> The lib-directory property has been deprecated since 0.9.7 and was finally 
> removed in 0.9.10-incubating:
> 
> http://guacamole.apache.org/releases/0.9.10-incubating/#deprecation--compatibility-notes
> 
> Using that property will have no effect. You should remove it.
> 
> basic-user-mapping: GUACAMOLE_HOME/user-mapping.xml
> 
> 
> The basic-user-mapping property has been deprecated since 0.9.10-incubating. 
> You should cease using this property. It will stop having any effect after 
> 1.0.0.
> 
> Please see also the definition in the manual of GUACAMOLE_HOME. The warning
> you see is not telling you to rename the directory containing the file, nor to
> manually specify a name that contains the literal text "GUACAMOLE_HOME". It
> is telling you to stop using the property in question, and instead place
> user-mapping.xml within GUACAMOLE_HOME as defined here:
> 
> http://guacamole.apache.org/doc/gug/configuring-guacamole.html#guacamole-home
> 
> If unsure where this is, your logs will further clarify things:
> 
> 16:20:47.314 [localhost-startStop-1] INFO  o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/var/lib/tomcat8/.guacamole"
> 
> The location differs from /etc/guacamole in your case because you have 
> overridden the default:
> 
> http://guacamole.apache.org/doc/gug/configuring-guacamole.html#overriding-guacamole-home
> 
> - Mike
> 
>

Re: ldap question

2018-10-22 Thread Mike Jumper
On Mon, Oct 22, 2018, 07:23 Angel Elena  wrote:

> Hi!!!
>
> I upgrade from 0.9.9 to 0.9.14, but I have the same issue:
>
> /etc/guacamole/guacamole.properties
>
> # Hostname and port of guacamole proxy
> guacd-hostname: localhost
> guacd-port: 4822
>
> # Auth provider class (authenticates user/pass combination, needed if
> using the provided login screen)
> auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
> auth-provider: net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider
>

The auth-provider property has been deprecated since 0.9.7 and was finally
removed in 0.9.10-incubating:

http://guacamole.apache.org/releases/0.9.10-incubating/#deprecation--compatibility-notes

Using that property will have no effect. You should remove it.

> lib-directory: extensions
>

The lib-directory property has been deprecated since 0.9.7 and was finally
removed in 0.9.10-incubating:

http://guacamole.apache.org/releases/0.9.10-incubating/#deprecation--compatibility-notes

Using that property will have no effect. You should remove it.

> basic-user-mapping: GUACAMOLE_HOME/user-mapping.xml
>

The basic-user-mapping property has been deprecated since
0.9.10-incubating. You should cease using this property. It will stop
having any effect after 1.0.0.

Please see also the definition in the manual of GUACAMOLE_HOME. The warning
you see is not telling you to rename the directory containing the file, nor
to manually specify a name that contains the literal text "GUACAMOLE_HOME".
It is telling you to stop using the property in question, and instead place
user-mapping.xml within GUACAMOLE_HOME as defined here:

http://guacamole.apache.org/doc/gug/configuring-guacamole.html#guacamole-home

If unsure where this is, your logs will further clarify things:

16:20:47.314 [localhost-startStop-1] INFO  o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/var/lib/tomcat8/.guacamole"

The location differs from /etc/guacamole in your case because you have
overridden the default:

http://guacamole.apache.org/doc/gug/configuring-guacamole.html#overriding-guacamole-home

- Mike


RE: ldap question

2018-10-22 Thread Angel Elena
s/angular-translate/2.8.0/angular-translate.min.js
22-Oct-2018 16:21:10.724 INFO [http-nio-8080-exec-1] org.webjars.servlet.WebjarsServlet.doGet Webjars resource requested: /META-INF/resources/webjars/angular-translate-interpolation-messageformat/2.8.0/angular-translate-interpolation-messageformat.min.js
22-Oct-2018 16:21:10.730 INFO [http-nio-8080-exec-4] org.webjars.servlet.WebjarsServlet.doGet Webjars resource requested: /META-INF/resources/webjars/angular-translate-loader-static-files/2.8.0/angular-translate-loader-static-files.min.js
22-Oct-2018 16:21:10.731 INFO [http-nio-8080-exec-7] org.webjars.servlet.WebjarsServlet.doGet Webjars resource requested: /META-INF/resources/webjars/blob-polyfill/1.0.20150320/Blob.js
22-Oct-2018 16:21:10.736 INFO [http-nio-8080-exec-6] org.webjars.servlet.WebjarsServlet.doGet Webjars resource requested: /META-INF/resources/webjars/filesaver/1.3.3/FileSaver.min.js
22-Oct-2018 16:21:10.739 INFO [http-nio-8080-exec-3] org.webjars.servlet.WebjarsServlet.doGet Webjars resource requested: /META-INF/resources/webjars/angular-module-shim/0.0.4/angular-module-shim.js
16:21:10.979 [http-nio-8080-exec-10] WARN  o.a.g.a.f.FileAuthenticationProvider - The "basic-user-mapping" property is deprecated. Please use the "GUACAMOLE_HOME/user-mapping.xml" file instead.



only this error:

16:21:10.979 [http-nio-8080-exec-10] WARN  o.a.g.a.f.FileAuthenticationProvider - The "basic-user-mapping" property is deprecated. Please use the "GUACAMOLE_HOME/user-mapping.xml" file instead.


When logging in with openLdap user (angel):

16:21:10.979 [http-nio-8080-exec-10] WARN  o.a.g.a.f.FileAuthenticationProvider - The "basic-user-mapping" property is deprecated. Please use the "GUACAMOLE_HOME/user-mapping.xml" file instead.
16:22:26.734 [http-nio-8080-exec-8] INFO  o.a.g.r.auth.AuthenticationService - User "angel" successfully authenticated from 10.138.4.10.
16:22:26.778 [http-nio-8080-exec-8] WARN  o.a.g.a.f.FileAuthenticationProvider - The "basic-user-mapping" property is deprecated. Please use the "GUACAMOLE_HOME/user-mapping.xml" file instead.



And now, local users, not working :(

any idea ?




Ángel Elena Medina   _o)
cr...@craem.net  / \\
http://blog.craem.net  _(___V
@craem_
www.linkedin.com/in/angel-elena-medina

Zarafa Webapp.

-Original message-
From: Nick Couchman
Sent: Sun 21-10-2018 20:39
Subject: Re: ldap question
To: user@guacamole.apache.org;
> On Sun, Oct 21, 2018 at 12:41 PM Angel Elena <cr...@craem.net> wrote:
> Hi, good afternoon.
> 
> I'm a new guacamole user. 
> 
> 
> Welcome! :-) 
> 
> I installed it in a debian 9 and 0.9.9 guacd version. The program works fine 
> with local users mapping... my configuration:
> 
> 
> The first thing I'd start with is using a recent version of Guacamole -
> 0.9.14 is the current release, and 1.0.0 is on the way.
> 
> 
> When I log in with the "angel" user to the front-end, the user space is empty,
> without any machine, but I can log in.
> 
> 
> Are there any errors in the Tomcat log file?
> 
> -Nick
>

RE: ldap question

2018-10-21 Thread Angel Elena
Hi, thanks for the reply.


Now I upgrade to 0.9.9 to 0.9.14 and test the changes.

Actually, no errors when logging in with ldap users, ldap works, but no servers
are displayed in frontend.


thanks


Ángel Elena Medina   _o)
cr...@craem.net  / \\
http://blog.craem.net  _(___V
@craem_
www.linkedin.com/in/angel-elena-medina

Zarafa Webapp.

-Original message-
From: Nick Couchman
Sent: Sun 21-10-2018 20:39
Subject: Re: ldap question
To: user@guacamole.apache.org;
> On Sun, Oct 21, 2018 at 12:41 PM Angel Elena <cr...@craem.net> wrote:
> Hi, good afternoon.
> 
> I'm a new guacamole user. 
> 
> 
> Welcome! :-) 
> 
> I installed it in a debian 9 and 0.9.9 guacd version. The program works fine 
> with local users mapping... my configuration:
> 
> 
> The first thing I'd start with is using a recent version of Guacamole -
> 0.9.14 is the current release, and 1.0.0 is on the way.
> 
> 
> When I log in with the "angel" user to the front-end, the user space is empty,
> without any machine, but I can log in.
> 
> 
> Are there any errors in the Tomcat log file?
> 
> -Nick
>

Re: ldap question

2018-10-21 Thread Nick Couchman
On Sun, Oct 21, 2018 at 12:41 PM Angel Elena  wrote:

> Hi, good afternoon.
>
> I'm a new guacamole user.
>

Welcome! :-)

>
> I installed it in a debian 9 and 0.9.9 guacd version. The program works
> fine with local users mapping... my configuration:
>

The first thing I'd start with is using a recent version of Guacamole -
0.9.14 is the current release, and 1.0.0 is on the way.


>
> When I log in with the "angel" user to the front-end, the user space is
> empty, without any machine, but I can log in.
>

Are there any errors in the Tomcat log file?

-Nick

>