Guacamole 1.2.0

Neustradamus · March 29, 2020, 9:17am

It is possible to update Guacamole to 1.1.0 (2020-01-29)?

mrmarkuz · March 29, 2020, 5:22pm

IIRC you only need to upgrade the guacamole.war, as epel already has 1.1.0.

https://guacamole.apache.org/releases/1.1.0/

I’m going to upgrade the module asap, please share your ideas.

Andy_Wismer · March 29, 2020, 5:39pm

@mrmarkuz

Don’t forget the Swiss-German Keyboard!

Andy

mrmarkuz · April 1, 2020, 4:09am

Teaser

Nethserver Guacamole 1.1.0 comes soon…

Connection Screen

3 configured remote connections…

RDP Connection

Windows 10 in Firefox:

AD/LDAP groups permissions

It’s now possible to allow a group to administrate guacamole or to use specific connections. This way you don’t need to set internal guacamole users with passwords anymore.

New connection options

New performance settings and new keymaps:

oneitonitram · April 1, 2020, 4:18am

how much RAM resources and computing requirements does guacamole have?
is it resource intensive, for if there are multiple concurrent users, as well as multiple computers?

mrmarkuz · April 1, 2020, 4:42am

Yes, it needs resources as it uses tomcat for serving the web client but I’ve no experience when it has to handle many users or connections.

Andy_Wismer · April 1, 2020, 7:32am

@mrmarkuz
@oneitonitram

This is also highly dependent on the resolution of the screens “transfered” by Guacamole.
A lot of users nowadays user large screens. RDP set to fullscreen will take up a lot of resources, especially the more RDPs there are…

My 2 cents
Andy

royceb · April 2, 2020, 1:47am

Will this be something we could eventually push into the NethForge? Also assuming we have an NS with LDAP/AD and Guacamole installed would it be very hard to loop Fail2Ban to monitor this service?

mrmarkuz · April 2, 2020, 1:56am

Yes, but I’d like to do some testing first to improve quality and push it to NethForge later.

No, I don’t think so as auth is logged but I have to check. Good idea. Thanks for the hint.

oneitonitram · April 4, 2020, 5:32pm

i do not see any ldap options inside guacamole
am i missing something?

mrmarkuz · April 4, 2020, 6:04pm

It’s in /etc/guacamole/guacamole.properties.

Andy_Wismer · April 4, 2020, 6:13pm

@mrmarkuz

Hi Markus

I was wondering if there’s a newer version of the Guacamole module (Still 0.9x…) than what’s in the NethServer Modules Wiki. (For a new installation).
Or is a upgrade for that module in the works?

Keep safe!
Andy

oneitonitram · April 4, 2020, 6:22pm

yes, i can see, but none of my ldap users can login for some reason

mrmarkuz · April 4, 2020, 8:13pm

Yes, it is an upcoming upgrade.

LDAP should work. Did you update manually?

Please look in /var/log/messages.

If you have something like

Authentication attempt from [192.168.1.181, 127.0.0.1] for user "ldapuser" failed.

LDAP is generally working but wrong credentials.

This one shows that you have a version mismatch or missing plugins:

The "ldap" authentication provider has encountered an internal error

See also the wiki page how to sync the LDAP users to the UI:

https://wiki.nethserver.org/doku.php?id=guacamole#ldap_ad_admin

mrmarkuz · April 15, 2020, 11:57pm

Please test the new Nethserver-guacamole package and report issues…

Features:

Update to 1.1.0
Groups (AD/LDAP)
Cockpit application
Fail2ban for security
HTTP redirect
Random password for guacamole mysql user
Use upstream mysql-connector-java

Unfortunately the new ldap 1.1.0 extension does not work so as a workaround I took the previous 1.0.0. Guacamole client and mysql extension are version 1.1.0.

Installation/Update:

yum install https://mrmarkuz.dynu.net/mirror/devtest/nethserver-guacamole-0.0.1-1.ns7.noarch.rpm

Check out the wiki for installation/configuration docs.

Andy_Wismer · April 16, 2020, 6:14am

@mrmarkuz

Morning Markus

Just tested your Guacamole on 10 clients… (!)

It works great!

Love this detail:

Now doing mass tests…

Andy

Andy_Wismer · April 16, 2020, 8:04am

@mrmarkuz

I found one instance which has problems.
All other servers so far: no problems

Your older module was installed, i updated as suggested above, no issues.

However:

The server is fully current, all updates are installed as of this morning…
No updates show up in Server-Manager.

What logs should I check? Catalina? or Tomcat?

Guacamole WAS working this morning, before the update.

Andy

oneitonitram · April 16, 2020, 11:28am

Where is this menu located at in guacamole, and how do i enable users to login with their ldap credentials?

mrmarkuz · April 16, 2020, 12:27pm

/var/log/messages should contain errors.

Please check /var/lib/guacamole/extensions. There sould be only two extensions.

You may check mysql too:
Please try to login to mysql as guacamole user with password from /var/lib/nethserver/secrets/guacamole

mrmarkuz · April 16, 2020, 12:32pm

It’s user creation/edit.

You need to create an existing LDAP user/group in guacamole. Then just login with that user.