[Support] jasonbean - Apache Guacamole


Message added by Taddeusz,

Before upgrading to 1.5.0 you need to have first upgraded to 1.4.0-3 of the container. I discovered that prior to 1.4.0-3 it was not shutting down MariaDB correctly and causing the database to be left in a dirty state.

 

If after upgrading to 1.5.0 you discover that MariaDB is stopping and the log mentions something about needing to open the database in an older version of MariaDB you should downgrade specifically to 1.4.0-3, start the container and make sure it's running correctly. Then you may upgrade to 1.5.0.

Recommended Posts

@Taddeusz  Hello

 

Thank you 

 

Yes on the settings DUO

 

image.png.d2a6e58cc5d5d18c6d384ac79652498c.png

 

 

Now is working :)

 

Space line

Time Zone

The key Duo Application

 

I have another question change the password for the user guacadmin, is possible ?

 

I have find the solution

You need to be logged in as the second admin user for delete the guacadmin user 

Thank you  for the help

Edited by Brian5542
Link to comment

So I can get Duo authentication working with this container ok.  The strange thing is that this only works when I connect via the local IP of the container internally. 

 

When I try and connect through my Nginx reverse proxy it shows me this:

 

image.png.37a772bd8cab71a99d364fbffdb3e17e.png

 

When I hit continue, I just get:

 

image.png.bb1c87c415c12ddaacafd8aec9b85606.png

 

It never attempt to send a push or anything.  Has anyone else got this working through Nginx?

 

 

Link to comment
11 hours ago, Taddeusz said:

@nug What browser are you using? Try refresh your browser's cache by hitting ctrl-f5.

...and I'm an idiot.  Thanks very much mate!

 

Next question, does anyone have ssh connections working with public key authentication working with this container?  No matter what I do I can only seem to connect successfully using a password.

 

When I use a private/public key pair it always just asks for the passphrase - even if there isn't one and if I set a passphrase it doesn't like that either.

Edited by nug
Link to comment
  • 2 weeks later...

Hello, 

Recently installed this docker, and so far it is working well (still some minor things to touch on to get it fully working).
This is more a question on the GUI side or WebUI side of things...
Is there a way to eliminate and close all 'recent connection' windows in the WebUI?

Thank you,

Link to comment

Hello! I have installed Guacamole according to the SpaceInvaderOne video but when enabling TOTP, I get to the login QR code and I am able to add the MFA to the Microsoft Authenticator, but it continually tells me "Verification failed. Please try again". I have tried a clean reinstall, and clearing browser history and a different browser. I have also tried a different MFA app. Nothing seems to work. Any ideas? Thank you very much!

Link to comment

Hello,
How can you reset 2FA on Apache Guacamole (GA). I can disable 2FA successfully, however when I re-enable it, it asks for a code, and doesn't display a QR code to set it back up.
I am looking to generate another QR code? Is that possible?

Edited by bombz
Link to comment
On 11/19/2020 at 5:38 PM, Taddeusz said:

I don’t believe there’s currently any way to do this. Their TOTP system is rather limited as it also doesn’t provide any means of backup codes. In the past what I’ve done is cleared the associated database columns to first disable TOTP for the user.

Is there still no current way to perform a TOTP reset to generate a new code to setup on a different device?
I did record the secret key initially when I setup TOTP but not sure if that is of any use with this current concern.
I don't understand what you mean regarding clearing the database columns.... can you provide some insight?

Link to comment
13 hours ago, bombz said:

Hello,
How can you reset 2FA on Apache Guacamole (GA). I can disable 2FA successfully, however when I re-enable it, it asks for a code, and doesn't display a QR code to set it back up.
I am looking to generate another QR code? Is that possible?

Hello again,

The only work around since I could not figure out how to reset 2FA/TOTP was to 

  • Login to the original admin account without 2FA/TOTP enabled
  • Create a new admin user
  • Log out of the original admin user
  • Enable 2FA/TOTP on apache guacamole
  • Login with the new admin user
  • Was then prompted with a QR code for the new admin user
  • Disable the original admin user

Everything seems to be OK with the new admin user. However, I cannot edit the details of the new admin user (see attached) Not to sure why that is the case, any ideas?

perms.PNG

Edited by bombz
Link to comment
On 3/28/2021 at 10:14 AM, Taddeusz said:

They definitely need better management of 2FA/TOTP.

Yes, I suppose no one knows a proper fix for my work around. Perhaps in time as the docker updates in the future. My workaround seems to be OK, but I would like to clean up AG docker so so I can better manage the users.

Thank you for all the hard work, it's a really great docker!

Edited by bombz
Link to comment

I am having trouble creating a connection to my unraid server via ssh. I provided the correct IP/port/username/password, but when I attempt the connection it hangs at "Connected to Guacamole. Waiting for response..."

I can connect via putty so I know ssh is working properly. And other ssh connections I've got in guac work fine. Just not to unraid itself.
 

 

Link to comment
  • 3 weeks later...

Running into a concern with AG.

I have setup everything successfully, and I can access the drive share remotely, but I can only upload to the drive share. I cannot download or add any files to the download directory

\\guacamole\rdp shares\<hostname>\Download

when I attempt to access this share on the local system over the LAN it states I do not have permission to access the share. When I try to change/add an owner to this share, it does not allow it.... I get an error

"an error occurred while applying security information to:
<share name here>
failed to enumerate objects in the container. Access is denied" 

"unable to set new owner on download.
Access is denied"


anyone run into this issue?

Edited by bombz
Link to comment
  • 3 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.