I set SELinux to permissive and put the LDAP extension back (it's under /usr/share/tomcat/.guacamole/extensions), restarted tomcat and guacd, and tried to log in using an LDAP user. I click Login and on the Network tab, it shows tokens (/guacamole/api/tokens) as having a “pending” status. Never gets any further.

Harry

From: Nick Couchman [mailto:[email protected]]
Sent: Monday, November 20, 2017 2:04 PM
To: [email protected]
Subject: Re: Configuring LDAP

On Mon, Nov 20, 2017 at 1:52 PM, <[email protected]> wrote:

We’re using Red Hat Enterprise Linux 7.4 with SELinux set to enforcing. I disabled the LDAP extension and just used MySQL for the guacadmin user and could log in. I do see the following information in /var/log/messages:

This sounds like the server-side, but are you able to temporarily disable SELinux (set it to permissive mode, "setenforce 0") and then restart Tomcat and see if it works with LDAP? I'm not suggesting this as a long-term fix, just long enough to validate whether SELinux is, indeed, blocking LDAP traffic, or if it's still something else?

-Nick
