It is possible to update Guacamole to 1.1.0 (2020-01-29)?
IIRC you only need to upgrade the guacamole.war, as epel already has 1.1.0.
https://guacamole.apache.org/releases/1.1.0/
I’m going to upgrade the module asap, please share your ideas.
Teaser
Nethserver Guacamole 1.1.0 comes soon…
Connection Screen
3 configured remote connections…
RDP Connection
Windows 10 in Firefox:
AD/LDAP groups permissions
It’s now possible to allow a group to administrate guacamole or to use specific connections. This way you don’t need to set internal guacamole users with passwords anymore.
New connection options
New performance settings and new keymaps:
how much RAM resources and computing requirements does guacamole have?
is it resource intensive, for if there are multiple concurrent users, as well as multiple computers?
Yes, it needs resources as it uses tomcat for serving the web client but I’ve no experience when it has to handle many users or connections.
This is also highly dependent on the resolution of the screens “transfered” by Guacamole.
A lot of users nowadays user large screens. RDP set to fullscreen will take up a lot of resources, especially the more RDPs there are…
My 2 cents
Andy
Will this be something we could eventually push into the NethForge? Also assuming we have an NS with LDAP/AD and Guacamole installed would it be very hard to loop Fail2Ban to monitor this service?
Yes, but I’d like to do some testing first to improve quality and push it to NethForge later.
No, I don’t think so as auth is logged but I have to check. Good idea. Thanks for the hint.
i do not see any ldap options inside guacamole
am i missing something?
It’s in /etc/guacamole/guacamole.properties
.
Hi Markus
I was wondering if there’s a newer version of the Guacamole module (Still 0.9x…) than what’s in the NethServer Modules Wiki. (For a new installation).
Or is a upgrade for that module in the works?
Keep safe!
Andy
yes, i can see, but none of my ldap users can login for some reason
Yes, it is an upcoming upgrade.
LDAP should work. Did you update manually?
Please look in /var/log/messages
.
If you have something like
Authentication attempt from [192.168.1.181, 127.0.0.1] for user "ldapuser" failed.
LDAP is generally working but wrong credentials.
This one shows that you have a version mismatch or missing plugins:
The "ldap" authentication provider has encountered an internal error
See also the wiki page how to sync the LDAP users to the UI:
https://wiki.nethserver.org/doku.php?id=guacamole#ldap_ad_admin
Please test the new Nethserver-guacamole package and report issues…
Features:
- Update to 1.1.0
- Groups (AD/LDAP)
- Cockpit application
- Fail2ban for security
- HTTP redirect
- Random password for guacamole mysql user
- Use upstream mysql-connector-java
Unfortunately the new ldap 1.1.0 extension does not work so as a workaround I took the previous 1.0.0. Guacamole client and mysql extension are version 1.1.0.
Installation/Update:
yum install https://mrmarkuz.dynu.net/mirror/devtest/nethserver-guacamole-0.0.1-1.ns7.noarch.rpm
Check out the wiki for installation/configuration docs.
Morning Markus
Just tested your Guacamole on 10 clients… (!)
It works great!
Love this detail:
Now doing mass tests…
Andy
I found one instance which has problems.
All other servers so far: no problems
Your older module was installed, i updated as suggested above, no issues.
However:
The server is fully current, all updates are installed as of this morning…
No updates show up in Server-Manager.
What logs should I check? Catalina? or Tomcat?
Guacamole WAS working this morning, before the update.
Andy
Where is this menu located at in guacamole, and how do i enable users to login with their ldap credentials?
/var/log/messages
should contain errors.
Please check /var/lib/guacamole/extensions
. There sould be only two extensions.
You may check mysql too:
Please try to login to mysql as guacamole user with password from /var/lib/nethserver/secrets/guacamole
It’s user creation/edit.
You need to create an existing LDAP user/group in guacamole. Then just login with that user.