======Guacamole with LDAP on CentOS 7======

=====Installation=====

<code>
yum install guacd libguac-client-rdp libguac-client-vnc libguac-client-ssh guacamole liberation-mono-fonts
echo "export GUACAMOLE_HOME=/etc/guacamole" > /etc/profile.d/guacamole.sh
echo "setenv GUACAMOLE_HOME /etc/guacamole" > /etc/profile.d/guacamole.csh
</code>

=====Download LDAP classes=====

[[http://sourceforge.net/projects/guacamole/files/current/extensions/guacamole-auth-ldap-0.8.0.tar.gz/download]]

Extract the archive and copy the jar files from its lib directory into /var/lib/tomcat/webapps/guacamole/WEB-INF/classes

<code>
cd /var/lib/tomcat/webapps/guacamole/WEB-INF/classes
ln -s /etc/guacamole/guacamole.properties .
</code>

=====Configuration=====

/etc/guacamole/guacamole.properties:

<code>
lib-directory: /var/lib/tomcat/webapps/guacamole/WEB-INF/classes

# Auth provider class (authenticates user/pass combination, needed if using the provided login screen)
#auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
#basic-user-mapping: /etc/guacamole/user-mapping.xml

# Auth provider class
auth-provider: net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider

# LDAP properties
ldap-hostname: ldap.mngt.bh.helux.nl
# 389 is the standard LDAP port (no TLS wrapper)
ldap-port: 389
ldap-user-base-dn: ou=people,dc=helux,dc=nl
ldap-username-attribute: cn
ldap-config-base-dn: ou=guacamole,dc=helux,dc=nl
</code>

=====Configure firewall=====

Allow access from the web server to the Tomcat server

<code>
# Single quotes outside keep the double quotes that are part of the rich rule.
firewall-cmd --permanent --zone=dmz \
  --add-rich-rule='rule family="ipv4" source address="46.44.183.184" service name="tomcat" accept'
firewall-cmd --permanent --zone=dmz \
  --add-rich-rule='rule family="ipv6" source address="2a02:22a0:bbb7:400::184" service name="tomcat" accept'
# --permanent rules become active after: firewall-cmd --reload
</code>

======Own compiled guacd with .war webapp======

=====Installation=====

<code>
yum localinstall guacd-0.9.6-1.el7.centos.x86_64.rpm libguac-* guacamole-server-debuginfo-0.9.6-1.el7.centos.x86_64.rpm
systemctl stop tomcat
cp guacamole-0.9.6.war /var/lib/tomcat/webapps
# Start Tomcat once so it unpacks the .war into guacamole-0.9.6/, then stop it again
systemctl start tomcat
systemctl stop tomcat
cd /var/lib/tomcat/webapps
rm guacamole-0.9.6.war
ln -s guacamole-0.9.6 guacamole
mkdir /usr/share/tomcat/.guacamole
cd /usr/share/tomcat/.guacamole
ln -s /etc/guacamole/guacamole.properties .
</code>

=====Configuration=====

<code>
mkdir /etc/guacamole
</code>

/etc/guacamole/guacamole.properties:

<code>
# Guacamole - Clientless Remote Desktop
# Copyright (C) 2010 Michael Jumper
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see .

# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822

lib-directory: /var/lib/tomcat/webapps/guacamole/WEB-INF/classes

# Auth provider class (authenticates user/pass combination, needed if using the provided login screen)
auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
basic-user-mapping: /etc/guacamole/user-mapping.xml
</code>

=====Restart everything=====

<code>
systemctl enable guacd
systemctl enable tomcat
systemctl restart guacd
systemctl restart tomcat
</code>

{{tag>centos}}
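
A check to run on guacamole.properties before the restart, covering both Configuration sections above (LDAP and file-based authentication). This is an added example, not part of the original page or of Guacamole; the function names ''prop'', ''check_guac_props'' and ''demo'' are hypothetical, the list of required keys is simply the set of keys this page configures, and the sample values are constructed.

```shell
# Added example (not the page's own): "required" = the keys this page sets.

# prop FILE KEY: print the value of the last uncommented "KEY: value" line.
prop() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*[=:][[:space:]]*//p" "$1" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# check_guac_props FILE: print findings; return 1 if a required key is missing.
check_guac_props() {
    f=$1; rc=0
    ldap_keys="ldap-hostname ldap-port ldap-user-base-dn ldap-username-attribute ldap-config-base-dn"
    [ -r "$f" ] || { echo "ERROR cannot read $f"; return 1; }
    case $(prop "$f" auth-provider) in
        *LDAPAuthenticationProvider)      need=$ldap_keys ;;
        *BasicFileAuthenticationProvider) need=basic-user-mapping ;;
        "") echo "MISSING auth-provider"; return 1 ;;
        *)  echo "WARN unrecognised auth-provider"; need= ;;
    esac
    for k in lib-directory $need; do
        [ -n "$(prop "$f" "$k")" ] || { echo "MISSING $k"; rc=1; }
    done
    # 389 is the plain LDAP port: no TLS wrapper around the password bind.
    [ "$(prop "$f" ldap-port)" != 389 ] || echo "WARN ldap-port 389 is plain LDAP"
    # user-mapping.xml holds passwords; flag it when "other" can read it.
    map=$(prop "$f" basic-user-mapping)
    if [ -n "$map" ] && [ -n "$(find "$map" -prune -perm -004 2>/dev/null)" ]; then
        echo "WARN $map is world-readable"
    fi
    return $rc
}

# Constructed sample: the LDAP settings with ldap-config-base-dn left out.
demo() {
    t=$(mktemp) || return 1
    cat > "$t" <<'EOF'
lib-directory: /var/lib/tomcat/webapps/guacamole/WEB-INF/classes
#auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
auth-provider: net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider
ldap-hostname: ldap.example.test
ldap-port: 389
ldap-user-base-dn: ou=people,dc=example,dc=test
ldap-username-attribute: cn
EOF
    r=0; check_guac_props "$t" || r=$?
    rm -f "$t"; return $r
}
# With a file argument check that file, otherwise run the constructed sample.
case ${1:-} in "") demo || true ;; *) check_guac_props "$1" ;; esac
```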