guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dawson Bessinger <dawsonbessin...@ls3p.com>
Subject LDAP - Error while query user DNs.
Date Thu, 26 May 2016 14:09:02 GMT
Hello,
We have setup a test Guacamole server and are having an LDAP auth issue. If we list the root
of our AD in ldap-user-base-dn, guacamole throws an exception:
~~~
org.glyptodon.guacamole.GuacamoleServerException: Error while query user DNs.
        at org.glyptodon.guacamole.auth.ldap.user.UserService.getUserDNs(UserService.java:271)
~[guacamole-auth-ldap-0.9.9.jar:na]
~~~

I enabled debug error level and this is at the bottom of the stack trace:
~~~
Caused by: com.novell.ldap.LDAPReferralException: Referral
        at com.novell.ldap.LDAPSearchResults.next(Unknown Source) ~[guacamole-auth-ldap-0.9.9.jar:na]
        at org.glyptodon.guacamole.auth.ldap.user.UserService.getUserDNs(UserService.java:262)
~[guacamole-auth-ldap-0.9.9.jar:na]
~~~

Now, if change ldap-user-base-dn to a different OU, where a specific user resides - I can
then login as that user or any other user under that OU, however, because of the way our AD
is structured I really need to have the top level of our AD listed as the ldap-user-base-dn.
Is there any way I can get more detail about the error in the stack trace?

This is our guacamole.properties file:
~~~
# LDAP properties
ldap-hostname: dc.domain.com
ldap-port: 389
ldap-search-bind-dn: CN=adserviceaccount,CN=Users,DC=domain,DC=com
ldap-search-bind-password: password
ldap-user-base-dn: DC=domain,DC=com
ldap-username-attribute: sAMAccountName
~~~

Mime
View raw message