Can you try this one: https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-j-$MYSQL_JDBC_VERSION.tar.gz MYSQL_JDBC_VERSION=8.3.0
Remove the rest of drivers and in guacamole config set driver mysql чт, 6 мар. 2025 г., 22:51 Jason Bailey <jbai...@emerytelcom.com.invalid>: > This is what I have: > > echo "GUACAMOLE_HOME=/etc/guacamole" >> /etc/default/tomcat9 > > echo "GUACAMOLE_HOME=/etc/guacamole" >> /etc/profile.d/tomcat9.sh > > > Also... > > > root@guac:/etc/guacamole# ls -l > total 20 > drwxrwxr-x 2 tomcat tomcat 4096 Mar 5 15:15 extensions > -rw-r--r-- 1 tomcat tomcat 2847 Mar 6 11:14 guacamole.properties > -rw-r--r-- 1 tomcat tomcat 212 Mar 3 15:55 guacd.conf > drwxrwxr-x 2 tomcat tomcat 4096 Mar 5 17:14 lib > > > root@guac:/etc/guacamole/lib# ll > total 3896 > -rw-r--r-- 1 tomcat tomcat 627652 Mar 5 17:14 > mariadb-java-client-2.7.12.jar > -rw-r--r-- 1 tomcat tomcat 743409 Feb 21 11:27 > mariadb-java-client-3.5.2.jar > -rw-r--r-- 1 tomcat tomcat 2609733 Mar 5 17:04 > mysql-connector-java-9.2.0.jar > > > > > On 3/6/25 1:44 PM, Anakien Skywalker wrote: > > Oh yeah, > And by the way: > Any of the following MySQL-compatible JDBC drivers are supported for > connecting Guacamole with MySQL or MariaDB: > > MySQL Connector/J > MariaDB Connector/J > > Did you install them both? Because you have to install them both. > > чт, 6 мар. 2025 г., 22:39 Anakien Skywalker <njuhaand...@gmail.com>: > >> Hello, >> Did you set GUACAMOLE_HOME env var? >> >> The Guacamole extension .jar will ultimately need to be placed within >> GUACAMOLE_HOME/extensions, while the JDBC driver must be downloaded >> separately from the database vendor and placed within GUACAMOLE_HOME/lib. >> Please, check both directories and permissions. >> >> If guacamole home env var is not set, this could be an issue. At least I >> had such problem deploying with docker. >> >> чт, 6 мар. 2025 г., 22:26 Jason Bailey <jbai...@emerytelcom.com.invalid> >> <jbai...@emerytelcom.com.invalid>: >> >>> Okay... LDAP works now. Progress! I still can't get MariaDB/MySQL to >>> work, however. >>> >>> This is what I'm seeing in the logs. >>> >>> 12:09:07.428 [http-nio-8080-exec-1] DEBUG o.a.i.t.jdbc.JdbcTransaction - >>> Opening JDBC Connection >>> 12:09:07.429 [http-nio-8080-exec-1] DEBUG >>> o.a.g.a.j.DynamicallyAuthenticatedDataSource - Creating new database >>> connection for pool. >>> 12:09:07.429 [http-nio-8080-exec-1] WARN >>> o.a.g.e.AuthenticationProviderFacade - The "mysql" authentication provider >>> has encountered an internal error which will halt the authentication >>> process. If this is unexpe> >>> 12:09:07.430 [http-nio-8080-exec-1] ERROR o.a.g.rest.RESTExceptionMapper >>> - Unexpected internal error: >>> ### Error querying database. Cause: java.sql.SQLException: No suitable >>> driver found for jdbc:mysql://127.0.0.1:3306/guacamole >>> ### The error may exist in >>> org/apache/guacamole/auth/jdbc/user/UserMapper.xml >>> ### The error may involve >>> org.apache.guacamole.auth.jdbc.user.UserMapper.selectOne >>> ### The error occurred while executing a query >>> ### Cause: java.sql.SQLException: No suitable driver found for jdbc: >>> mysql://127.0.0.1:3306/guacamole >>> 12:09:07.430 [http-nio-8080-exec-1] DEBUG o.a.g.rest.RESTExceptionMapper >>> - Unexpected error in REST endpoint. >>> org.apache.ibatis.exceptions.PersistenceException: >>> ### Error querying database. Cause: java.sql.SQLException: No suitable >>> driver found for jdbc:mysql://127.0.0.1:3306/guacamole >>> ### The error may exist in >>> org/apache/guacamole/auth/jdbc/user/UserMapper.xml >>> ### The error may involve >>> org.apache.guacamole.auth.jdbc.user.UserMapper.selectOne >>> ### The error occurred while executing a query >>> ### Cause: java.sql.SQLException: No suitable driver found for jdbc: >>> mysql://127.0.0.1:3306/guacamole >>> >>> The mariadb jdbc driver is in /etc/guacamole/lib and the folder is owned >>> by the tomcat user with 755 permissions. >>> >>> Suggestions? Thank you! >>> >>> >>> >>> >>> On 3/6/25 4:16 AM, Anakien Skywalker wrote: >>> >>> Hello, >>> Please, look higher up in the logs, during the startup of Tomcat (or >>> deployment >>> of the guacamole WAR file) to make sure it's loading the expected >>> extensions, and see if there are any other errors there. The error you >>> are referring to may be related with mysql driver not getting loaded. >>> >>> ср, 5 мар. 2025 г. в 21:12, Jason Bailey >>> <jbai...@emerytelcom.com.invalid> <jbai...@emerytelcom.com.invalid>: >>> >>>> Did you enable auto creation of accounts in the mysql plugin? Yes. >>>> >>>> Did you create guacadmin user in mysql? I ran the >>>> 000-create-admin-user.sql script against the database and I can see the >>>> records present when I view the appropriate database tables. >>>> >>>> Set extension priority? I have not done so thus far. It isn't being >>>> used in my old server, which is what I used as a template for the new >>>> server. That said, I'll add it. >>>> >>>> Checking in the logs.... I see no mention of LDAP, so it must not be >>>> loading. >>>> >>>> Nick, you were right, the permissions on the /etc/guacamole/lib and >>>> /etc/guacamole/extensions folders were wrong. I'm actually trying to build >>>> SaltStack state / provisioning that sets Apache Guacamole up, and I had >>>> copied and pasted the wrong block of YAML. Long story short, the folder was >>>> 644 instead of 755. That has been fixed. >>>> >>>> Unfortunately, even with all these changes, it's still not working. I'm >>>> now getting "DEBUG o.a.g.rest.RESTExceptionMapper - Client request >>>> rejected: Permission Denied". I get that even when I bypass the reverse >>>> proxy config and connect to tomcat directly with my browser. >>>> >>>> This is what I have in my guacamole.properties file: >>>> >>>> guacd-hostname: ::1 >>>> guacd-port: 4822 >>>> >>>> mysql-hostname: 127.0.0.1 >>>> mysql-database: guacamole >>>> mysql-username: guacamole >>>> mysql-password: LongGuacamolePassword >>>> mysql-driver: mariadb >>>> mysql-auto-create-accounts: true >>>> mysql-server-timezone: America/Denver >>>> >>>> ldap-hostname: corp.myorganization.com >>>> ldap-port: 389 >>>> ldap-encryption-method: none >>>> ldap-username-attribute: sAMAccountName >>>> ldap-search-bind-dn: cn=OBS Manager >>>> LDAP,OU=Services,DC=corp,DC=myorganization,DC=com >>>> ldap-search-bind-password: MyReallyLongLdapPassword >>>> ldap-user-base-dn: dc=corp,dc=myorganization,dc=com >>>> ldap-user-search-filter: (memberOf=CN=OBS >>>> Users,OU=Services,DC=corp,DC=myorganization,DC=com) >>>> ldap-max-search-results: 400 >>>> >>>> auth-provider: >>>> net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider >>>> >>>> Thanks >>>> >>>> >>>> >>>> On 3/5/25 4:41 AM, Anakien Skywalker wrote: >>>> >>>> Hello, >>>> Just a few things to check: >>>> 1. Did you enable auto creation accounts in mysql plugin? >>>> https://guacamole.apache.org/doc/gug/jdbc-auth.html#auto-creating-database-users >>>> >>>> >>>>> mysql-auto-create-accounts: true >>>> >>>> 2. Did you create guacadmin user in mysql? You need to execute the >>>> following schema migration 002-create-admin-user.sql in your db in order to >>>> create admin user. Make sure all queries from migration are executed. >>>> 3. Set extension priority. In your log, I don't see any evidence you >>>> use ldap. But you could use ldap, mysql where mysql is fallback for >>>> guacadmin. >>>> >>>>> extension-priority: mysql, ldap >>>> >>>> I am not sure of the correct naming. Please, check it yourself in your >>>> logs: >>>> >>>>> 23:32:06.468 [main] INFO o.a.g.extension.ExtensionModule - - >>>>> [postgresql] "PostgreSQL Authentication" >>>>> (/etc/guacamole/extensions/guacamole-auth-jdbc-postgresql-1.5.5.jar) >>>>> 23:32:06.468 [main] INFO o.a.g.extension.ExtensionModule - - [ldap] >>>>> "LDAP Authentication" >>>>> (/etc/guacamole/extensions/guacamole-auth-ldap-1.5.5.jar) >>>>> >>>>> According to these logs, it would be: >>>> >>>>> >>>>> extension-priority: postgresql, ldap >>>> >>>> >>>> >>>> ср, 5 мар. 2025 г. в 03:37, Nick Couchman <vn...@apache.org>: >>>> >>>>> On Tue, Mar 4, 2025 at 7:00 PM Jason Bailey >>>>> <jbai...@emerytelcom.com.invalid> <jbai...@emerytelcom.com.invalid> >>>>> wrote: >>>>> >>>>>> Replying to my own email here, but I did get debug logging working. >>>>>> I'm seeing a few extra things now when I try to login: >>>>>> >>>>>> DEBUG o.a.g.r.auth.AuthenticationService - Anonymous authentication >>>>>> attempt from [10.0.0.86, 127.0.0.1] failed. >>>>>> >>>>>> DEBUG o.a.g.rest.RESTExceptionMapper - Client request rejected: >>>>>> Permission Denied. >>>>>> >>>>>> WARN o.a.g.r.auth.AuthenticationService - Authentication attempt >>>>>> from [10.0.0.86, 127.0.0.1] for user "guacadmin" failed >>>>>> >>>>>> DEBUG o.a.g.a.f.FileAuthenticationProvider - User mapping file >>>>>> "/etc/guacamole/user-mapping.xml" does not exist and will not be read >>>>>> >>>>>> I don't have a user-mapping.xml anymore -- not since going to >>>>>> LDAP/MSAD authentication. >>>>>> >>>>> >>>>> It does not appear to me that the LDAP authentication extension is >>>>> loading at all. Are there other messages, prior to this, that indicate >>>>> that >>>>> it is loading successfully? >>>>> >>>>> The message about the user-mapping.xml file is relatively benign - >>>>> it's just warning you that it isn't there. >>>>> >>>>> >>>>>> >>>>>> Is this an indication that the reverse proxy through Apache might be >>>>>> the issue? >>>>>> >>>>> >>>>> Nope, don't think this has anything to do with reverse proxy - I think >>>>> your Guacamole install is not picking up the LDAP extension at all. Maybe >>>>> check that permissions are correct on all of the files/folders, such that >>>>> the user running Tomcat has access to /etc/guacamole and all of the files >>>>> and folders under it? >>>>> >>>>> -Nick >>>>> >>>> *Confidentiality Notice* This email message may contain legally >>>> privileged and/or confidential information. If you are not the intended >>>> recipient(s), you are hereby notified that any dissemination, distribution >>>> or copying of this email message is strictly prohibited. If you have >>>> received this email in error, please immediately notify the sender and >>>> delete this email message from your computer. >>>> >>>
