Hi!Having read the thread, I see that you say you have neither changed anything in the guacamole config nor anything in the tomcat config?
If that is the case, I have a few more ideas that you could try.1. What java version does the tomcat use? Is it different if you compare Server 1 and Server 2? My own LDAP-Libraries barfed at first when I switched from Java 8 to 11. And the errors were very odd. If server 1 runs java 8 and server 2 runs 11, let both run 8.
2. Is selinux off or on? Set it identically. Behaviour can change if the OS-Level of both servers differs. And a pox on selinux! The amount of debugging and voodoo I have seen in conjunction with this abomination of a software is incredible. Look in the selinux logs if you are paranoid.
3. If the target LDAP-Server is a real LDAP-Server (like openLDAP or the like) and not an AD, you should also check the ldap-Logs. "Authentication failed" could be an abstraction of the error, the library catches (no idea which ldap-lib guacamole uses). Some seem to wrap all failures (no matter if it is "no such object", "TLS required" etc.) into a super error which you have to disect to find out what really happened. The log will tell you the error number and thus the problem with the attempt.
4. Use a locally installed Version of tomcat 8.5.x/9.x. As already mentioned, the version shipped with centos/rhel is horrible. One of the few pacakges I always maintain manually in a REPO of my own. I am running all my guacamole instances on 8.5.x.
Best regards, Sven Specker -- __________________________________________________________________ *** Sven Specker -- University of Frankfurt Computing Center *** *********** UNIX System Administration (Auth/IDM) **************** ***** [email protected] [Phone (+49)-69-798-15188] ***** ****************************************************************** __________________________________________________________________ Johann Wolfgang Goethe Universitaet - Hochschulrechenzentrum - Theodor W. Adorno-Platz 1 (PA-1P16) D-60323 Frankfurt/Main __________________________________________________________________ ______________ TeX-users do it in {groups}________________________
smime.p7s
Description: S/MIME Cryptographic Signature
