This posting is three things: 1. A copy of the original Guacamole 1.0.0/Java 8 configuration guide posted a few months ago, including its text configuration files;
2. A configuration text file to update the original Guacamole 1.0.0/Java 8 configuration to provide much faster http/2 and TLSv1.3; 3. Advice that the First Posting has been edited and updated to provide newbies with configuration of: CentOS Linux, Minimal ISO, release 7.6.1810 (Core), Guacamole 1.0.0 with RADIUS and JDBC/MySQL plugins, Java 12, OpenSSL - which includes support for the faster and more secure TLS version 1.3, Tomcat 9 - which includes support for the much faster http/2, MySQL 8 (for those using the JDBC/MySQL plugin). If you have configured your Guacamole server using the original guide, then you can update it to implement TLSv1.3 and http/2 using this text configuration file: http_and_tls_update_v1.txt <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/http_and_tls_update_v1.txt> ========================== A summary of the original posting and its text configuation files is below.......... The Guacamole config and properties files are subject to the Apache License found on the Apache Guacamole site. Guacamole's Group feature only works as expected if users in a Group are also Guacamole administrators. The problem is expected to be resolved in the next release. The attached setup instructions will specifically install and configure the following: CentOS Linux, Minimal ISO, release 7.6.1810 (Core) Java 1.8.0: java-1.8.0-openjdk-1.8.0.212.b04-0.el7_6.x86_64 Tomcat 8.5.41 An upgraded gcc compiler, version: 7.3.0 For working across Windows and Linux, WinSCP from: https://winscp.net/eng/download.php It includes Putty, and under its Preferences, you can select "Windows Explorer" UI, or remain with the "Commander" UI. Here are the steps and config: Use a Hyper-V MMC console to connect to a Windows 2016 or 2019 Hyper-V server and create a "Guacamole" VM: Configure Generation 2, 40GB VHDX, Dynamic Memory, Startup= 2GB, Low= 512MB, High= 8GB, 2 CPUs, SecureBoot= Microsoft UEFI Certificate Authority Integration Services= all, Production checkpoints, Automatic Start Action= Always, Automatic Stop Action= Shutdown DVD= CentOS previously downloaded from: http://isoredirect.centos.org/centos/7/isos/x86_64/CentOS-7-x86_64-Minimal-1810.iso Using the Hyper-V MMC's "Connect" command/window, connect to the new VM's CentOS boot screen and initiate the normal boot option (not test OS). In the CentOS start-up GUI: Setup a password for UserID=root, but no other userID is required at this stage Host Name= guacamole.yourdomain.com (computername pre-pended to the name of your domain) Static/Manual IP Addressing IPv4=172.16.25.1 (For example. Same subnet as the computer's LAN), DNS, Gateway, Search Domains IPv6=11:22:33:401::25 (similar to IPv4 but optional) "Automatically Connect on boot", and if visible, "Available to All Users" Once the CentOS start-up GUI has completed, click the CentOS button to "Reboot". Then using WinSCP, logon to your VM by specifying your IP Address, UserID=root and password. Note that all the Linux commands in the attached files are single line, except for "echo" which can often be multi-line - note the start and end quotes. To setup a simple Linux Guacamole server: Base_Guacamole_setup_v1.txt <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/Base_Guacamole_setup_v1.txt> To use a MySQL database for more functionality and to scale: Setup_MySQL_database_provider_v1.txt <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/Setup_MySQL_database_provider_v1.txt> Sample RDP Connection configured using the Guacamole Web GUI: Sample_RDP_Connection_Config_v1.txt <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/Sample_RDP_Connection_Config_v1.txt> To use Radius for authentication, allowing the use of Active Directory, and Azure Multi-Factor Authentication, while still using MySQL as a connection repository: Setup_Radius_Authentication_v1.txt <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/Setup_Radius_Authentication_v1.txt> NPS_configuration_for_Guacamole_and_Azure_MFA_service.pdf <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/NPS_configuration_for_Guacamole_and_Azure_MFA_service.pdf> Locking down external communications by only using https on the default port 443: Setup_https_v1.txt <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/Setup_https_v1.txt> Other sundry CentOS commands I found useful: Sundry_commands_v1.txt <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/Sundry_commands_v1.txt> And a great Thread on this Mailing List for tweaking Guacamole performance: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/Guacamole-System-Resource-requirements-for-better-performance-td5996.html -David -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
