vnick wrote > On Wed, Jan 24, 2018 at 6:15 AM, Przemysław Pach > < > [email protected] > > > wrote: > > After changing guacamole.propeties and installing the LDAP authentication > extension, did you either restart your Tomcat instance or re-deploy the > gaucaole.war file? Changes to extensions and guacamole.properties are > only > read at startup/deploy, so you'll need to do one of those to make it take > effect. > > Also, ActiveDirectory generally does some LDAP referrals, so you might > want > to either play with the ldap-follow-referrals parameter or point the > configuration directly at your global catalog on your AD server (port > 3268). > > Also, you might want to post more output from your catalina.out in a > pastebin - particularly look for the entries when guacamole.war is > deployed, as it lists the authentication extensions that get deployed and > gives you any errors from initializing those. > > -Nick
Quoted from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/LDAP-Guacamole-0-9-14-tp2593p2606.html I've rebooted whole server to make sure all services is restarted. Maybe I've wrong installed LDAP extension ? I do not I've only copied jars to extension folder: /etc/guacamole/extensions guacamole-auth-jdbc-mysql-0.9.9.jar guacamole-auth-ldap-0.9.9.jar /etc/guacamole/lib mysql-connector-java-5.1.45-bin.jar What more should I do ? My catalina.out file: https://pastebin.com/JW2kker7 vnick wrote > On Wed, Jan 24, 2018 at 6:15 AM, Przemysław Pach > < > [email protected] > > > wrote: > > The LDAP schema changes are only necessary if you want to store > connections > inside the LDAP tree. If you're just doing user authentication from LDAP > and are storing connections elsewhere (simple file or JDBC), then there's > no need to change your LDAP schema. > > Guacamole "stacks" authentication modules by matching username - so, if > the > username from LDAP matches connections for a specific user in the > user-mapping.xml file, it should allow them to connect to those. However, > I would caution against using user-mapping.xml in anything beyond a simple > PoC environment (and the manual states that, as well) - it's much better > to > use something like JDBC (MySQL, PostgreSQL, or SQL Server) to store your > connections an then authenticate users via LDAP. The user-mapping.xml > file > is very simple and lacks many of the features and some of the security for > connections that exist in the JDBC module. > > -Nick Quoted from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/LDAP-Guacamole-0-9-14-tp2593p2606.html Yes, Im not programmer and don't knwo how to specify/store RDP connections in MySQL. FOllowed https://sourceforge.net/p/guacamole/discussion/1110834/thread/b66cf159/?limit=25 BTW: there is nothing about # Auth provider class in guacamole.properties file. What auth-provider: net.sourceforge. should i write ? Or its obsolete line ? -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
