Hi all,
I'm a long time user of Guacamole and I've been trying to get a second
server ready so that I can phase out my old CentOS 7 based server. The
new one is running Debian 12 with tomcat9. The Guacamole client
(pre-compiled war file) is being reverse proxied through Apache. I
statically compiled guacd and it appears to be working as expected.
Like the old server, this new one is supposed to use LDAP (MSAD)
authentication with a MariaDB backend for storage. The problem I'm
running into is that when I try to login to the web frontend (with an
LDAP user or guacadmin, which is in the MariaDB database), it fails as
an "invalid logon". The logs show the following:
15:21:30.008 [http-nio-8080-exec-1] WARN
o.a.g.r.auth.AuthenticationService - Authentication attempt from
[10.0.0.86, 127.0.0.1] for user "user1" failed.
I've been trying to get more information as to why logins are failing. I
created a logback.xml file (like the example on the website) in
/etc/guacamole and restarted tomcat, hoping I'd get some additional
debug output, but so far I'm out of luck -- it doesn't seem to make any
difference.
And yes, I've made sure the Active Directory DC is reachable over the
network, and I've tried both SSL and plaintext ('none') modes over ports
636/389 and that doesn't seem to help.
What are your suggestions at this point? Work on getting debug logging
going?
Thanks
*Confidentiality Notice* This email message may contain legally privileged
and/or confidential information. If you are not the intended recipient(s), you
are hereby notified that any dissemination, distribution or copying of this
email message is strictly prohibited. If you have received this email in error,
please immediately notify the sender and delete this email message from your
computer.
