I copied the LDAP settings from /etc/guacamole/guacamole.properties on the machine that’s working and replaced it in the same file on the server that is not working, restarted guacd, and still get the same error. Still no update to catalina.out (it’s a 0 length file) in /var/log/tomcat. But I appreciated the response.
Thanks, Harry From: Glauco Rampogna <[email protected]> Sent: Friday, August 14, 2020 8:59 AM To: [email protected] Subject: Re: Really strange LDAP issue Ii've had a similar issue with two twin servers. In my case, it was caused by an illegal char in the config file. I've discovered it with strace on guacd: it was an error 500, with json error "ldap-port must be an integer". Tomcat was in debug mode but this kind of message never appeared on the logs. Don't know what char, i've manually rewritten everything to be sur, and it worked again. Maybe it's unrelated, just for sharing. Il ven 14 ago 2020, 13:46 Devine, Harry (FAA) <[email protected]<mailto:[email protected]>> ha scritto: We are using RHEL 7.8 x64. From: Mike Jumper <[email protected]<mailto:[email protected]>> Sent: Thursday, August 13, 2020 2:00 PM To: [email protected]<mailto:[email protected]> Subject: Re: Really strange LDAP issue What OS is Tomcat installed under? There may be additional logs elsewhere. - Mike On Thu, Aug 13, 2020, 04:55 Devine, Harry (FAA) <[email protected]<mailto:[email protected]>> wrote: I see absolutely nothing. The catalina log is from yesterday (catalina.2020-08-12.log), but it has nothing in it about extensions. When I restart guacamole, no new log files get created under /var/log/tomcat at all. Harry From: Mike Jumper <[email protected]<mailto:[email protected]>> Sent: Wednesday, August 12, 2020 5:28 PM To: [email protected]<mailto:[email protected]> Subject: Re: Really strange LDAP issue On Wed, Aug 12, 2020 at 1:33 PM Devine, Harry (FAA) <[email protected]<mailto:[email protected]>> wrote: I’m having a really strange LDAP issue on 1 of our Guacamole servers using LDAP. As far as I can tell, the LDAP is configured the same way (see below), and both machines can ping the LDAP Server by name, so its not a DNS issue. When we try to log in, we get: Aug 12 16:28:27 tbfm-access server: 16:28:27.645 [http-bio-8080-exec-5] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from [10.143.37.157, 127.0.0.1] for user "harry.devine" failed. The same account on the other guacamole server works: Aug 12 16:29:19 tfdm-access server: 16:29:19.122 [http-bio-8080-exec-1118] INFO o.a.g.r.auth.AuthenticationService - User "harry.devine" successfully authenticated from [10.143.37.157, 127.0.0.1]. What do you see in the Tomcat logs during Guacamole startup of both instances? There should be log messages from Guacamole noting the extensions loaded, the directory used for GUACAMOLE_HOME, and whether there were any errors loading those extensions. - Mike
