In between my initial message and your reply, I looked at a working system and it looked like some config files under /usr/share/tomcat/.guacamole weren't right, so I fixed that/cleaned that up. Now Guac starts better (has my custom branding, etc.), but when I try to log in, I get the following in /var/log/messages:
Sep 3 14:14:56 test-access server[184595]: 14:14:56.780 [http-nio-8080-exec-3] WARN o.a.g.e.AuthenticationProviderFacade - Authentication attempt ignored because the relevant authentication provider could not be loaded. Please check for errors earlier in the logs. Sep 3 14:14:56 test-access server[184595]: 14:14:56.780 [http-nio-8080-exec-3] WARN o.a.g.e.AuthenticationProviderFacade - The "ldap" authentication provider has encountered an internal error which will halt the authentication process. If this is unexpected or you are the developer of this authentication provider, you may wish to enable debug-level logging. If this is expected and you wish to ignore such failures in the future, please set "skip-if-unavailable: ldap" within your guacamole.properties. Sep 3 14:14:56 test-access server[184595]: 14:14:56.781 [http-nio-8080-exec-3] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user "guacadmin" failed. Sep 3 14:14:56 test-access server[184595]: 14:14:56.781 [http-nio-8080-exec-3] ERROR o.a.g.rest.RESTExceptionMapper - Request could not be processed: Property ldap-user-base-dn is required. In /etc/guacamole/guacamole.properties, I do have LDAP set up as I do on the working system, and ldap-user-base-dn is configured. So why would that be missing, or not read properly? Perhaps a symbolic link to guacamole.properties not being correct somewhere? Thanks, Harry -----Original Message----- From: Michael Jumper <mjum...@apache.org> Sent: Tuesday, September 3, 2024 2:13 PM To: user@guacamole.apache.org Subject: Re: Issue with logging into a new test Guac server CAUTION: This email originated from outside of the Federal Aviation Administration (FAA). Do not click on links or open attachments unless you recognize the sender and know the content is safe. On 9/3/24 10:46 AM, Devine, Harry (FAA) wrote: > We have setup a test server on our development system to use for > security testing and upgrades. I have imported the MySQL database > from a working system, so I know that the guacadmin password is > correct and set, but I cannot login to this new system either as > guacadmin or my own LDAP user. All I get in /var/log/messages is: > > Sep 3 13:43:20 test-access server[1479]: 13:43:20.325 > [http-nio-8080-exec-2] WARN o.a.g.r.auth.AuthenticationService - > Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user > "harry.devine" failed. > > Sep 3 13:43:27 test-access server[1479]: 13:43:27.698 > [http-nio-8080-exec-5] WARN o.a.g.r.auth.AuthenticationService - > Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user > "harry.devine" failed. > > Sep 3 13:43:37 test-access server[1479]: 13:43:37.679 > [http-nio-8080-exec-4] WARN o.a.g.r.auth.AuthenticationService - > Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user > "guacadmin" failed. > > Sep 3 13:43:40 test-access server[1479]: 13:43:40.538 > [http-nio-8080-exec-6] WARN o.a.g.r.auth.AuthenticationService - > Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user > "guacadmin" failed. > > Sep 3 13:43:44 test-access server[1479]: 13:43:44.939 > [http-nio-8080-exec-10] WARN o.a.g.r.auth.AuthenticationService - > Authentication attempt from [xxx.xxx.xxx.xxx, 127.0.0.1] for user > "guacadmin" failed. > > Is there any other logging information I can look at to determine why > I can’t log in? > Can you provide the logs from the point that Tomcat started? The details logged during webapp startup may be relevant. - Mike --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org
