This step-by-step for Linux newbies builds a vanilla Guacamole 1.1.0. It is based on instructions for the earlier Guacamole 1.0.0 version.
This post is edited to incorporate updates, feedback and corrections, but please compare its "Updated" Date-time with that of the last post in this topic. The default authentication provider is only really suitable for very small numbers of users and connections. MySQL (one of the three database providers) provides scalability and easier administration. The Radius Authentication Provider permits integration into many types of RADIUS server, including Microsoft's Azure MFA environment via a Windows Network Policy Server. The attached setup instructions will specifically install and configure the following on to a Hyper-V generation 2 VM: CentOS Linux release 8.1.1911 (Minimal Install) Tomcat 9 - which includes support for the much faster http/2 MySQL 8 Community Edition (if using the JDBC/MySQL Plugin) The most useful tool I have found for working across Windows and Linux is WinSCP from: https://winscp.net/eng/download.php It includes Putty, and under its Preferences, you can select "Windows Explorer" UI, or remain with the "Commander" UI. Here are the steps and config I've used.... Use a Hyper-V MMC console to connect to a Windows 2016 or 2019 Hyper-V server and create a "Guacamole" VM: Configure Generation 2, 40GB VHDX, Dynamic Memory, Startup= 2GB, Low= 512MB, High= 8GB, 2 CPUs, SecureBoot= Microsoft UEFI Certificate Authority Integration Services= all, Production checkpoints, DVD= CentOS previously downloaded from: http://isoredirect.centos.org/centos/8/isos/x86_64/CentOS-8-x86_64-1905-dvd1.iso Or, using Powershell 5.1: $VmName = "<GuacamoleVM Name>" $Location = "<Path of folder to contain all VM files>" $BootDVD ="<Path to CentOS-8.1.1911-x86_64-dvd1.iso>" New-VM -Name $VmName -Generation 2 -Path $Location -MemoryStartupBytes 2GB -NewVHDPath "$VmName.VHDX" -NewVHDSizeBytes 40GB -SwitchName (Get-VMSwitch)[0].Name Add-VMDvdDrive -VMName $VmName -Path $BootDVD Set-VM $VmName -ProcessorCount 3 -DynamicMemory -MemoryStartupBytes 2GB -MemoryMinimumBytes 512MB -MemoryMaximumBytes 8GB Set-VMFirmware $VmName -BootOrder (Get-VMDvdDrive $VmName),(Get-VMHardDiskDrive $VmName) -EnableSecureBoot Off Enable-VMIntegrationService -VMName $VmName -Name "Shutdown","VSS","Heartbeat","Guest Service Interface","Key-Value Pair Exchange","Time Synchronization" Using the Hyper-V MMC's "Connect" command/window, connect to the new VM's CentOS boot screen and initiate the normal boot option (not test OS). In the CentOS start-up GUI: Select correct time zone, "Minimal Install" Setup a password for UserID=root, but no other userID is required at this stage Host Name= guacamole.yourdomain.com (computername pre-pended to the name of your domain) Static/Manual IP Addressing IPv4=172.16.25.1 (For example. Same subnet as the computer's LAN), DNS, Gateway, Search Domains IPv6=11:22:33:401::25 (similar to IPv4 but optional) "Automatically Connect on boot", and if visible, "Available to All Users" Once the CentOS start-up GUI has completed, click the CentOS button to "Reboot". Then using WinSCP, logon to your VM by specifying your IP Address, UserID=root and password. Note that all the Linux commands in the attached files are single line, except for "echo" which can often be multi-line - note the start and end quotes. To setup a simple Guacamole server: Base_Guacamole_setup.txt <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/Base_Guacamole_setup.txt> To use a MySQL database for more functionality and to scale: Setup_MySQL_database_provider.txt <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/Setup_MySQL_database_provider.txt> Connection_Config.pdf <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/Connection_Config.pdf> To use Radius for authentication, allowing the use of Active Directory, and Azure Multi-Factor Authentication, while still using MySQL as a connection repository: Setup_Radius_Authentication.txt <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/Setup_Radius_Authentication.txt> NPS_configuration_for_Guacamole_and_Azure_MFA_service.pdf <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/NPS_configuration_for_Guacamole_and_Azure_MFA_service.pdf> Locking down external communications by only using https on the default port 443: Setup_https.txt <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/Setup_https.txt> Other sundry CentOS commands I found useful: Sundry_commands.txt <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/Sundry_commands.txt> A great thread on this Mailing List for tweaking Guacamole performance: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/Guacamole-System-Resource-requirements-for-better-performance-td5996.html <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/Guacamole-System-Resource-requirements-for-better-performance-td5996.html> And useful tips from Mike Jumper for resource requirements: -David -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
