Any thoughts on this? I still can't log in with guacadmin, but can log in with an LDAP user. I'll need the local guacadmin user to be able to log in moving forward, and whatever the solution turns out to be for this, I'll need to update my Ansible role so future Guacamole installations behave as intended.
Thanks, Harry From: Devine, Harry (FAA) <harry.dev...@faa.gov.INVALID> Sent: Thursday, January 11, 2024 3:20 PM To: user@guacamole.apache.org Subject: RE: Issue logging in locally as guacadmin on new install I do have the "mysql-connector-j-8.0.33-1.el8.noarch.rpm" file as part of my Ansible role, and that gets installed as part of the playbook execution. Could it be that this is not the correct connector for MariaDB on RHEL 8? Thanks, Harry From: Devine, Harry (FAA) <harry.dev...@faa.gov.INVALID<mailto:harry.dev...@faa.gov.INVALID>> Sent: Thursday, January 11, 2024 3:14 PM To: user@guacamole.apache.org<mailto:user@guacamole.apache.org> Subject: Issue logging in locally as guacadmin on new install I have a playbook that installs Guacamole for me. I've been refining it for a few days and it's finally just-about working, but the last thing left to get working is to log in as the local guacadmin user. I have the JDBC and LDAP jar files installed under /usr/share/tomcat/.guacamole/extensions, and the LDAP file loads, but the JDBC will not: Jan 11 15:05:05 guac-test server[242104]: 15:05:05.785 [main] INFO o.a.g.extension.ExtensionModule - - [mysql] "MySQL Authentication" (/usr/share/tomcat/.guacamole/extensions/guacamole-auth-jdbc-mysql-1.5.4.jar) Jan 11 15:05:05 guac-test server[242104]: 15:05:05.785 [main] INFO o.a.g.extension.ExtensionModule - - [ldap] "LDAP Authentication" (/usr/share/tomcat/.guacamole/extensions/guacamole-auth-ldap-1.5.4.jar) Jan 11 15:05:05 guac-test server[242104]: 15:05:05.785 [main] INFO o.a.g.extension.ExtensionModule - - [tsose] "Guac-Test" (/usr/share/tomcat/.guacamole/extensions/tsose.jar) Jan 11 15:05:05 guac-test server[242104]: 15:05:05.785 [main] INFO o.a.g.extension.ExtensionModule - To change this order, set the "extension-priority" property or rename the extension files. The default priority of extensions is dictated by the sort order of their filenames. Jan 11 15:05:05 guac-test server[242104]: 15:05:05.797 [main] ERROR o.a.g.extension.ProviderFactory - authentication provider extension failed to start: No JDBC driver for MySQL/MariaDB is installed. Jan 11 15:05:05 guac-test server[242104]: 15:05:05.798 [main] ERROR o.a.g.extension.ProviderFactory - authentication provider extension failed to start: No JDBC driver for MySQL/MariaDB is installed. Jan 11 15:05:05 guac-test server[242104]: 15:05:05.834 [main] INFO o.a.g.extension.ExtensionModule - Extension "MySQL Authentication" (mysql) loaded. Jan 11 15:05:05 guac-test server[242104]: 15:05:05.968 [main] WARN o.a.g.e.LanguageResourceService - Overlay language resource "de" does not exist. Jan 11 15:05:05 guac-test server[242104]: 15:05:05.970 [main] INFO o.a.g.extension.ExtensionModule - Extension "LDAP Authentication" (ldap) loaded. Jan 11 15:05:05 guac-test server[242104]: 15:05:05.990 [main] INFO o.a.g.extension.ExtensionModule - Extension "Guac-Test" (tsose) loaded. When I attempt to log in as guacadmin then as an LDAP user, the LDAP user works but not guacadmin (I redacted the LDAP server name and internal IPs): Jan 11 15:06:53 guac-test server[242104]: 15:06:53.904 [http-nio-8080-exec-3] WARN o.a.g.e.AuthenticationProviderFacade - Authentication attempt ignored because the relevant authentication provider could not be loaded. Please check for errors earlier in the logs. Jan 11 15:06:53 guac-test server[242104]: 15:06:53.904 [http-nio-8080-exec-3] WARN o.a.g.e.AuthenticationProviderFacade - Authentication attempt ignored because the relevant authentication provider could not be loaded. Please check for errors earlier in the logs. Jan 11 15:06:58 guac-test server[242104]: 15:06:58.885 [http-nio-8080-exec-2] WARN o.a.g.e.AuthenticationProviderFacade - Authentication attempt ignored because the relevant authentication provider could not be loaded. Please check for errors earlier in the logs. Jan 11 15:06:58 guac-test server[242104]: 15:06:58.892 [http-nio-8080-exec-2] INFO o.a.g.a.l.AuthenticationProviderService - Unable to determine DN of user "guacadmin" using LDAP server "ldap1". Proceeding with next server... Jan 11 15:06:58 guac-test server[242104]: 15:06:58.892 [http-nio-8080-exec-2] INFO o.a.g.a.l.AuthenticationProviderService - User "guacadmin" did not successfully authenticate against any LDAP server. Jan 11 15:06:58 guac-test server[242104]: 15:06:58.892 [http-nio-8080-exec-2] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user "guacadmin" failed. Any thoughts on what I could have misconfigured? Thanks, Harry Harry Devine Secure-OSE System Administrator Red Hat Certified System Administrator (RHCSA) Work: (609) 485-4218 FAA Cell: (609) 612-7274 Home Office/Telework: (609) 547-3579
