Hello, Just a few things to check: 1. Did you enable auto creation accounts in mysql plugin? https://guacamole.apache.org/doc/gug/jdbc-auth.html#auto-creating-database-users
> mysql-auto-create-accounts: true 2. Did you create guacadmin user in mysql? You need to execute the following schema migration 002-create-admin-user.sql in your db in order to create admin user. Make sure all queries from migration are executed. 3. Set extension priority. In your log, I don't see any evidence you use ldap. But you could use ldap, mysql where mysql is fallback for guacadmin. > extension-priority: mysql, ldap I am not sure of the correct naming. Please, check it yourself in your logs: > 23:32:06.468 [main] INFO o.a.g.extension.ExtensionModule - - [postgresql] > "PostgreSQL Authentication" > (/etc/guacamole/extensions/guacamole-auth-jdbc-postgresql-1.5.5.jar) > 23:32:06.468 [main] INFO o.a.g.extension.ExtensionModule - - [ldap] "LDAP > Authentication" (/etc/guacamole/extensions/guacamole-auth-ldap-1.5.5.jar) > > According to these logs, it would be: > > extension-priority: postgresql, ldap ср, 5 мар. 2025 г. в 03:37, Nick Couchman <vn...@apache.org>: > On Tue, Mar 4, 2025 at 7:00 PM Jason Bailey > <jbai...@emerytelcom.com.invalid> wrote: > >> Replying to my own email here, but I did get debug logging working. I'm >> seeing a few extra things now when I try to login: >> >> DEBUG o.a.g.r.auth.AuthenticationService - Anonymous authentication >> attempt from [10.0.0.86, 127.0.0.1] failed. >> >> DEBUG o.a.g.rest.RESTExceptionMapper - Client request rejected: >> Permission Denied. >> >> WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from >> [10.0.0.86, 127.0.0.1] for user "guacadmin" failed >> >> DEBUG o.a.g.a.f.FileAuthenticationProvider - User mapping file >> "/etc/guacamole/user-mapping.xml" does not exist and will not be read >> >> I don't have a user-mapping.xml anymore -- not since going to LDAP/MSAD >> authentication. >> > > It does not appear to me that the LDAP authentication extension is loading > at all. Are there other messages, prior to this, that indicate that it is > loading successfully? > > The message about the user-mapping.xml file is relatively benign - it's > just warning you that it isn't there. > > >> >> Is this an indication that the reverse proxy through Apache might be the >> issue? >> > > Nope, don't think this has anything to do with reverse proxy - I think > your Guacamole install is not picking up the LDAP extension at all. Maybe > check that permissions are correct on all of the files/folders, such that > the user running Tomcat has access to /etc/guacamole and all of the files > and folders under it? > > -Nick >
