I say to use pre-built binaries as a test to eliminate any building issues. If pre-built binaries work then you know the problem in with the build -or thereabouts.
I think you need to get the guacamole client working and tomcat logging is described in https://guacamole.apache.org/doc/gug/configuring-guacamole.html#logging-within-the-web-application Also: for guacd https://guacamole.apache.org/doc/gug/troubleshooting.html#syslog Also, the dua auth extension is for if guac is handling duo directly, correct? Yes. See: https://guacamole.apache.org/doc/gug/duo-auth.html From: Aero Tech <aerotech1...@gmail.com> Sent: Friday, November 3, 2023 9:53 AM To: user@guacamole.apache.org Subject: Re: Build Issue Troubleshooting I am not opposed to rebuilding on a different server. I believe I installed tomcat9 from apt because it was available. It looks like I can build guac on a separate server and remote into any server on the domain with it? I am not opposed to a DB if it is helpful. It looks like to track logins I may need one. I read PSQL may be the best DB to use performance wise? Is there a default account that can login to the web page without a DB, or would you have to config the user.xml for that? I think I may need to config a logging.xml and that may be why guac isn't logging anything in the location I am expecting. I am reading it should have logs. think its var/log/guacamole. Also the dua auth extension is for if guac is handling duo directly, correct? On Thu, Nov 2, 2023 at 5:17 PM Mark Li <m...@baretoes.net<mailto:m...@baretoes.net>> wrote: Try using the prebuilt binaries and not compile from source. Did you install tomcat using apt or did you build tomcat also? From: Aero Tech <aerotech1...@gmail.com<mailto:aerotech1...@gmail.com>> Sent: Thursday, November 2, 2023 4:34 PM To: user@guacamole.apache.org<mailto:user@guacamole.apache.org> Subject: Re: Build Issue Troubleshooting I got them from the apache guacamole site (https://downloads.apache.org/guacamole/1.5.3/binary/ etc.). Made the packages from the source. Had to make maven from source as well. Wrote my own guacamole service guacd service and guacamole service daemon. If I could have installed from the Ubuntu apt list I would but it wasn't listed. tomcat9 seems to be running as the website is up but I could be wrong. Maybe its crashing when trying to login? I just see a bunch of failed logins. Something is definitely very wrong. On Thu, Nov 2, 2023 at 4:25 PM Mark Li <m...@baretoes.net<mailto:m...@baretoes.net>> wrote: Where are you getting the executables from? Are you building them yourself? Is guacamole.properties readable by tomcat? Check the file permissions I think something is broken in the executable because tomcat is crashing: Nov 2 15:32:13 hostname tomcat9[1835245]: java.lang.ClassCastException: class java.io.ObjectStreamClass$Caches$1 cannot be cast to class java.util.Map (java.io.ObjectStreamClass$Caches$1 and java.util.Map are in module java.base of loader 'bootstrap')) From: Aero Tech <aerotech1...@gmail.com<mailto:aerotech1...@gmail.com>> Sent: Thursday, November 2, 2023 4:18 PM To: user@guacamole.apache.org<mailto:user@guacamole.apache.org> Subject: Re: Build Issue Troubleshooting Ubuntu22 the build is tomcat9 and guac 1.5.3 On Thu, Nov 2, 2023 at 4:10 PM Mark Li <m...@baretoes.net<mailto:m...@baretoes.net>> wrote: What’s the O/S? From: Aero Tech <aerotech1...@gmail.com<mailto:aerotech1...@gmail.com>> Sent: Thursday, November 2, 2023 2:51 PM To: user@guacamole.apache.org<mailto:user@guacamole.apache.org> Subject: Re: Build Issue Troubleshooting That is the weird thing it won't create any logs in the guacamole log location even though I specified it in guacamole.properties. From what I read I should be able to get the 2fa working without the duo extension if the 2fa SRVR is handling LDAPS. It can do LDAPS or RADIUS. I've added both into the file but it still fails. I added the .pem cert to the cert store and can do an ldapsearch from terminal. If I need to add a DB I'm not opposed to that. If I add a user.xml I can get past the login page but it fails to remote which may be a FW port setting or something else. Was trying to set the user.xml to the actual server. I added a no authentication to test and still cannot get into it with every LDAPS and RADIUS setting commented out. So not sure if I need a separate DB to store the account the default account isn't working. I want to get that working then get the 2fa working. I can send you some of my config files redacted in a bit if you need. If I have to have a separate DB I would probably want to add a PSQL DB. Not totally against it just don't want to set up things if unneeded. On Thu, Nov 2, 2023 at 1:27 PM Mark Li <m...@baretoes.net<mailto:m...@baretoes.net>> wrote: Do the guac log files show any errors? Accesses from the browser? Is there a message saying unauthorized? From: Aero Tech <aerotech1...@gmail.com<mailto:aerotech1...@gmail.com>> Sent: Thursday, November 2, 2023 12:54 PM To: user@guacamole.apache.org<mailto:user@guacamole.apache.org> Subject: Build Issue Troubleshooting Team, I am stuck on a build and cannot seem to get in with the generic username and password even after removing all auth methods in guacamole.properties username and password still show up and nothing authenticates. There is probably something wrong with my build but not sure what. Would like to ideally have the build without a PSQL or MySQL DB and use 2FA through an existing 2FA server but need to iron out why I can't even login to the web int first. Regards, Blake
