I have done guacamole-1.3.0 version native installation in my linux centOs machine.
I need to do LDAP guacamole integration but I am facing some difficulty in doing the configuration.
I have created /etc/guacamole/extension and added ldap-auth 1.3.0 jar inside /etc/guacamole/extensions. Used Tomcat and that is running in the server. Started guacd service. Installation is done but ldap integration facing difficulty.
Need help on how to check and login using ldap auth.
Kindly help me with the steps for ldap guacamole integration for version-1.3.0
Here the guacamole LDAP Properties vim /etc/guacamole/guacamole.properties
# Auth provider class auth-provider:net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider
#LDAP Properties
ldap-hostname: stackoverflow.local
ldap-port: 636 or 3268(LDAP Unsecure conncetion)
ldap-user-base-dn:CN=Users,DC=stackoverflow,DC=local
ldap-user-base-dn: dc=stackoverflow,dc=local
ldap-search-bind-dn:cn=ldap1,CN=Users,dc=stackoverflow,dc=local
ldap-search-bind-password: XXXXXXXXXXX (Password for ldap1 user)
ldap-username-attribute: sAMAccountName
ldap-user-search-filter:(objectClass=user)(!(objectCategory=computer))
ldap-max-search-results:4000
mysql-auto-create-accounts: true
ldap-follow-referrals:true
Then restart tomcat gucad and mysql service
systemctl restart tomcat mysqld guacd
login with domain user simply by giving domain name and password in guacamole dashboard.
If you need more help reply back here with logs i can helpout
Related
I am learning to use Jenkins to deploy a .Net 5.0 application on an AWS EC2 server. This is the first time I am using Linux server and Jenkins for .Net (I'm am a life long Windows guy), and I am facing an error while trying to publish my artifacts over SSH to Web Server.
My setup:
Jenkins server is an AWS EC2 Linux AMI server.
Web Server is also an AWS EC2 LInux AMI server.
My Jenkins is correctly installed and working. I am able to build and run unit test cases without any issues.
For Deploy, I am using 'Publish Over SSH' plugin, and I have followed all steps to configure this plugin as mentioned here https://plugins.jenkins.io/publish-over-ssh/.
However, when try to 'Test Configuration', I get the below error,
Failed to connect or change directory
jenkins.plugins.publish_over.BapPublisherException: Failed to connect and initialize SSH connection. Message: [Failed to connect session for config [WebServer]. Message [Auth fail]]
I did a ping test from Jenkins server to Web Server, and it is a success.
I'm using the .pem key in the 'Key' section of 'Publish over SSH'. This key is the same key I use to SSH into the web server.
The below link suggests many different solutions, but none is working in my case.
Jenkins Publish over ssh authentification failed with private key
I was looking at the below link which describes the same problem,
Jenkins publish over SSH failed to change to remote directory
However in my case I have kept 'Remote Directory' as empty. I don't know if I have to specify any directory here. Anyways, I tried creating a new directory under the home directory of user ec2-user as '/home/ec2-user/publish' and then used this path as Remote Directory, but it still didn't work.
Screenshot of my settings in Jenkins:
I would appreciate if anyone can point me to the right direction or highlight any mistake I'm doing with my configuration.
In my case following steps solved the problem.
Solution is based on Ubuntu 22.04
add two line in /etc/ssh/sshd_config
PubkeyAuthentication yes
PubkeyAcceptedKeyTypes +ssh-rsa
restart sshd service
sudo service sshd restart
you might consider the following:
a. From the screenshot you’ve provided, it seems that you have checked the Use password authentication, or use different key option which will require you to add your key and password (inputs from these fields will be used in connecting to your server via SSH connection). If you use the same SSH key and passphrase/password on all of your servers, you can uncheck/untick that box and just use the config you have specified above.
b. You might also check if port 22 of your web server allows inbound traffic from the security group where your Jenkins server/EC2 instance is running. See reference here.
c. Also, make sure that the remote directory you have specified is existing otherwise the connection may fail.
Here's the sample config
I have a wildfly 10 install running on CentOS Linux 7.3.1611 with kernel3.10.0-514.16.1.el7.x86_64.
Initially when I started running wildfly I was doing so as root in a domain configuration. I have decided to change this practice and configure it as a service. After configuring it as a service, and letting it run for a while I decided to create a user "wildfly", and make the appropriate changes to the systemd service config and directory permissions. Wildfly starts up properly and the application runs fine.
My issue starts when I try and create another server instance from the management console. The console records the server but its never able to start. After some checking I found wildfly is unable to create server directories. This occurs even when having permissions to do so.
The only error I get is this one from /var/log/audit/audit.log;
type=ANOM_ABEND msg=audit(1507241312.223:19650): auid=4294967295 uid=994 gid=994 ses=4294967295 subj=system_u:system_r:unconfined_service_t:s0 pid=8570 comm="java" reason="memory violation" sig=6
I have disabled SELinux, and checked the ACL's on all files in the directory structure. Any help would be greatly appreciated. Thanks in advance.
During installation of OpenAM 12 running on Apache Tomcat 8, Java 8, Windows Server 2012, it hangs on non-typical for this kind of cases step like "Creating OpenAM suffixImport task".
Could that be permissions issue?
Full log:
Checking license acceptance...License terms accepted.
Checking configuration directory C:/OpenAM....Success.
Installing OpenAM configuration store...Success RSA/ECB/OAEPWithSHA1AndMGF1Padding.
Extracting OpenDJ, please wait...Complete
Running OpenDJ setupSetup command: --cli --adminConnectorPort 4444 --baseDN dc=openam,dc=forgerock,dc=org --rootUserDN cn=Directory Manager --ldapPort 50389 --skipPortCheck --rootUserPassword xxxxxxx --jmxPort 1689 --no-prompt --doNotStart --hostname localhost --noPropertiesFile Configuring Directory Server .....
...Success.
...Success
Installing OpenAM configuration store in C:/OpenAM/opends...Success.
Creating OpenAM suffixImport task 20160613174244898 scheduled to start immediately
Are you trying to install using http://localhost in the browser? That can cause issues. OpenAM wants a real FQDN.
For my new project i have to configure cent os linux server with lamp setup and install squid proxy server. Installed machine will act as a server in client side. The main purpose of the count the amount of bandwidth, their mac address , ip address will be logged in server it is will act like a proxy server. Every user will be assigned with bandwidth, total browsing hours, username, password etc.
Each user can access INTERNET via installed proxy server after logging with the username and password defined to them.
User management, mac address, ip addreess fetching all will be done using php code with linux command enabled for mac address from client machine and also for blacklist website filter.
For every action of this project have to access squid configuration file located in /etc/squid/squid.conf for enabling internet support with mac filter and even iptables.
But when my php code try to access the /etc/squid/squid.conf for processing . It is unable to access the file for read, write, append operation.
In my server side i have define the file permission for /etc/squid/squid.conf with read write access with the code executing in my linux server
chmod 777 /etc/squid/squid.conf
After assign the permission also the person logged in to the server unable to access the squid file for processing.
Even the tried
chmod 666 /etc/squid/squid.conf
but no help
How i have to configure my file permission for /etc/squid/squid.conf so even my i logged user via apache server can access the file for processing
is selinux running ? you can temporary disable it with
setenforce 0
selinux may block apache to read your squid config as they are in 2 differents context even if the file is 777 and apache was running as root(bad ideal) . Here some redhat documentation about squid and selinux doc
I have just installed a new Linux VM on Azure - Centos 6.3
installed webmin all great
I have then gone ot log in as the user and password I set up for SSH when I created the VM but it wont let me log in, I dont have the root password as it didnt offer me the root option when i installed the VM just the chance to create a user and password
Anybody please advise help?
If I recall, Windows Azure doesn't typically give you Administrator or root users. In the case of Linux you start with the azureuser which is setup as a sudo user. So login as the azureuser and 'sudo su'. Now set a root password i.e. passwd root.
Now you should be able to authenticate with webwin.