Hello all. I'd like to thank everyone in ADVANCE for any help you can
provide. I have been battling this guacamole install for more than a week
and at my wits end. I have installed the latest version on a Ubuntu 20.04
server that has been joined to our domain as well. This is the sole purpose
of this machine and no other applications are running on it. (UFW) firewall
is disabled as well. I was able to get MSQL authentication to work, but for
our school and user base we need people to be able to use their active
directory credentials to log in. I have tried MANY permutations of the
"guacamole.properties" file with no success. The only error message I am
able to get is from /var/log/syslog and it reads :
Sep 3 11:27:13 guacamole tomcat9[862]: 11:27:13.994 [http-nio-8080-exec-8]
ERROR o.a.g.a.ldap.LDAPConnectionService - Binding with the LDAP server at
"ADMAIN11.gccaz.edu " as user "CN=jaytest,OU=DomainUsers,DC=gccaz,DC=edu"
failed: ERR_04121_CANNOT_RESOLVE_HOSTNAME Cannot connect to the server,
Hostname 'ADMAIN11.gccaz.edu ' could not be resolved.
Sep 3 11:27:13 guacamole tomcat9[862]: 11:27:13.995 [http-nio-8080-exec-8]
ERROR o.a.g.a.l.AuthenticationProviderService - Unable to bind using search
DN "CN=jaytest,OU=DomainUsers,DC=gccaz,DC=edu"
Now the Hostname not resolving confuses me as this server CAN ping that
domain controller via IP and host name and joined the domain. (I have also
tried the config file with IP address and get the SAME error which I would
have thought not possible using IPs.) Here is example of NSlookup on the the
server which does resolve:
root@guacamole:/var/log# nslookup admain11
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: admain11.gccaz.edu
Address: 10.1.50.240
Here is output of ResolveCTL Status command:
Global
LLMNR setting: no
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Current DNS Server: 10.1.50.230
DNS Servers: 10.1.50.230
Fallback DNS Servers: 10.1.50.240
DNS Domain: gccaz.edu
DNSSEC NTA: 10.in-addr.arpa
16.172.in-addr.arpa
168.192.in-addr.arpa
17.172.in-addr.arpa
18.172.in-addr.arpa
19.172.in-addr.arpa
20.172.in-addr.arpa
21.172.in-addr.arpa
22.172.in-addr.arpa
23.172.in-addr.arpa
24.172.in-addr.arpa
25.172.in-addr.arpa
26.172.in-addr.arpa
27.172.in-addr.arpa
28.172.in-addr.arpa
29.172.in-addr.arpa
30.172.in-addr.arpa
31.172.in-addr.arpa
corp
d.f.ip6.arpa
home
internal
intranet
lan
local
private
test
Link 2 (ens160)
Current Scopes: DNS
DefaultRoute setting: yes
LLMNR setting: yes
MulticastDNS setting: no
DNSOverTLS setting: no
DNSSEC setting: no
DNSSEC supported: no
Current DNS Server: 10.1.50.230
DNS Servers: 10.1.50.230
10.1.50.240
DNS Domain: gccaz.edu
So DNS would appear to be functioning to me and resolving on this domain.
Here is the output of my Guacamole Properties file.
#SSL Settings If set to "true", Guacamole will require SSL/TLS encryption
between the web application and guacd. By default, communication between the
web application and guacd will be unencrypted.
#guacd-ssl: true
#Autehtication Providers
#A comma-separated list of the identifiers of authentication providers that
should be allowed to fail internally without aborting the authentication
process.
skip-if-unavailable: mysql,ldap
#LDAP Connection inforamtion
ldap-hostname: ADMAIN11.gccaz.edu
#ldap-encryption-method: none
ldap-user-base-dn:DC=gccaz,DC=edu
ldap-search-bind-dn:CN=jaytest,OU=DomainUsers,DC=gccaz,DC=edu
ldap-search-bind-password:******
#ldap-username-attribute: sAMAccountName
ldap-follow-referrals:true
# MYSQL Settings
mysql-hostname: localhost
mysql-port: 3306
mysql-database: guacamole_db
mysql-username: guacamole_user
mysql-password: ***********
Here is the output of the Catalina log in /var/log/tomcat9 that pretty much
has been the same for the last week no matter how many times I restart the
service or reboot the server or make config changes to the
guacamole.properties file.
Catalina Logs show nothing
03-Sep-2020 11:25:24.487 INFO [Thread-3]
org.apache.coyote.AbstractProtocol.stop Stopping ProtocolHandler
["http-nio-8080"]
03-Sep-2020 11:25:24.506 INFO [Thread-3]
org.apache.coyote.AbstractProtocol.destroy Destroying ProtocolHandler
["http-nio-8080"]
03-Sep-2020 11:26:04.114 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Server version name:
Apache Tomcat/9.0.31 (Ubuntu)
03-Sep-2020 11:26:04.125 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Server built:
Feb 24 2020 22:37:00 UTC
03-Sep-2020 11:26:04.125 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Server version number:
9.0.31.0
03-Sep-2020 11:26:04.126 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log OS Name:
Linux
03-Sep-2020 11:26:04.126 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log OS Version:
5.4.0-45-generic
03-Sep-2020 11:26:04.127 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Architecture:
amd64
03-Sep-2020 11:26:04.127 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Java Home:
/usr/lib/jvm/java-11-openjdk-amd64
03-Sep-2020 11:26:04.128 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log JVM Version:
11.0.8+10-post-Ubuntu-0ubuntu120.04
03-Sep-2020 11:26:04.128 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor:
Ubuntu
03-Sep-2020 11:26:04.129 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE:
/var/lib/tomcat9
03-Sep-2020 11:26:04.129 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME:
/usr/share/tomcat9
03-Sep-2020 11:26:04.263 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
--add-opens=java.base/java.lang=ALL-UNNAMED
03-Sep-2020 11:26:04.266 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
--add-opens=java.base/java.io=ALL-UNNAMED
03-Sep-2020 11:26:04.267 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
--add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED
03-Sep-2020 11:26:04.268 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Djava.util.logging.config.file=/var/lib/tomcat9/conf/logging.properties
03-Sep-2020 11:26:04.268 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
03-Sep-2020 11:26:04.269 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Djava.awt.headless=true
03-Sep-2020 11:26:04.269 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Djdk.tls.ephemeralDHKeySize=2048
03-Sep-2020 11:26:04.270 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Djava.protocol.handler.pkgs=org.apache.catalina.webresources
03-Sep-2020 11:26:04.270 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Dorg.apache.catalina.security.SecurityListener.UMASK=0027
03-Sep-2020 11:26:04.271 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Dignore.endorsed.dirs=
03-Sep-2020 11:26:04.271 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Dcatalina.base=/var/lib/tomcat9
03-Sep-2020 11:26:04.271 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Dcatalina.home=/usr/share/tomcat9
03-Sep-2020 11:26:04.272 INFO [main]
org.apache.catalina.startup.VersionLoggerListener.log Command line argument:
-Djava.io.tmpdir=/tmp
03-Sep-2020 11:26:04.272 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR
based Apache Tomcat Native library [1.2.23] using APR version [1.6.5].
03-Sep-2020 11:26:04.273 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
capabilities: IPv6 [true], sendfile [true], accept filters [false], random
[true].
03-Sep-2020 11:26:04.273 INFO [main]
org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL
configuration: useAprConnector [false], useOpenSSL [true]
03-Sep-2020 11:26:04.288 INFO [main]
org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL
successfully initialized [OpenSSL 1.1.1f 31 Mar 2020]
03-Sep-2020 11:26:05.161 INFO [main] org.apache.coyote.AbstractProtocol.init
Initializing ProtocolHandler ["http-nio-8080"]
03-Sep-2020 11:26:05.270 INFO [main]
org.apache.catalina.startup.Catalina.load Server initialization in [2,278]
milliseconds
03-Sep-2020 11:26:05.458 INFO [main]
org.apache.catalina.core.StandardService.startInternal Starting service
[Catalina]
03-Sep-2020 11:26:05.458 INFO [main]
org.apache.catalina.core.StandardEngine.startInternal Starting Servlet
engine: [Apache Tomcat/9.0.31 (Ubuntu)]
03-Sep-2020 11:26:05.608 INFO [main]
org.apache.catalina.startup.HostConfig.deployWAR Deploying web application
archive [/var/lib/tomcat9/webapps/guacamole.war]
03-Sep-2020 11:26:09.700 INFO [main]
org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned
for TLDs yet contained no TLDs. Enable debug logging for this logger for a
complete list of JARs that were scanned but no TL>
03-Sep-2020 11:26:14.798 INFO [main]
com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register
Registering org.apache.guacamole.rest.RESTExceptionMapper as a provider
class
03-Sep-2020 11:26:14.803 INFO [main]
com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register
Registering org.apache.guacamole.rest.extension.ExtensionRESTService as a
root resource class
03-Sep-2020 11:26:14.803 INFO [main]
com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register
Registering org.apache.guacamole.rest.language.LanguageRESTService as a root
resource class
03-Sep-2020 11:26:14.804 INFO [main]
com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register
Registering org.apache.guacamole.rest.patch.PatchRESTService as a root
resource class
03-Sep-2020 11:26:14.804 INFO [main]
com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register
Registering org.apache.guacamole.rest.auth.TokenRESTService as a root
resource class
03-Sep-2020 11:26:14.804 INFO [main]
com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register
Registering org.apache.guacamole.rest.session.SessionRESTService as a root
resource class
03-Sep-2020 11:26:14.805 INFO [main]
com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register
Registering org.codehaus.jackson.jaxrs.JacksonJsonProvider as a provider
class
03-Sep-2020 11:26:14.809 INFO [main]
com.sun.jersey.server.impl.application.WebApplicationImpl._initiate
Initiating Jersey application, version 'Jersey: 1.17.1 02/28/2013 12:47 PM'
03-Sep-2020 11:26:14.945 INFO [main]
com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.getComponentProvider
Binding org.apache.guacamole.rest.RESTExceptionMapper to
GuiceManagedComponentProvider with the scope "Singleton"
03-Sep-2020 11:26:14.950 INFO [main]
com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.getComponentProvider
Binding org.codehaus.jackson.jaxrs.JacksonJsonProvider to
GuiceManagedComponentProvider with the scope "Singleton"
03-Sep-2020 11:26:15.960 INFO [main]
com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.getComponentProvider
Binding org.apache.guacamole.rest.extension.ExtensionRESTService to
GuiceManagedComponentProvider with the scope >
[ Read 140 lines ]
I have been googling and trying to find answer online, including this
mailing list but still nothing seems to work. I'm pretty much throwing in
the towel at this point and may tell my boss it cannot be done. (Sorry just
super frustrated. I've set up other CentOS servers and applications and
dealt with SELinux..But man..NOTHING has been as hard as this Guacamole set
up and install by far. I thought using base Ubuntu would make it easier..I
am VERY worried even if I can get past this, HOW I am going to set this all
up for SSL and 636 communication and java., looks to be another nightmare
coming..but I digress.)
Again.. I thank anyone for help and if there are any other better "guides"
out there as I have found the official documentation to be lacking.
--
Sent from:
http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
