guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Burdine <pburd...@gmail.com>
Subject Re: LDAP and MySQL do SSO to RDP
Date Wed, 03 Aug 2016 02:54:34 GMT
That is exactly correct.

If you want NLA working, you will also need to set the domain as well.

If you use the DB for connection information, but don't want to use it for
authentication, create the users in the database (with the same user name
as in LDAP), but disable the account.  The account will then only be
authenticated via LDAP, but it will get the connection info from the
database.

--Peter


On Tue, Aug 2, 2016 at 9:47 AM, Nick Couchman <nick.couchman@seakr.com>
wrote:

> Bastiaan,
> I think all you have to do is, when creating the connection, use the
> following items for configuration:
> Username: ${GUAC_USERNAME}
> Password: ${GUAC_PASSWORD}
>
> Then, assuming you've either configured the LDAP extension with Active
> Directory as your service, or your username and password in another LDAP
> directory or the database match your RDP credentials, it will pass through
> the Guacamole authentication information to the RDP session, which should
> result in the "SSO" configuration you're looking for.  I haven't tried it,
> yet - it's on my list of things to do.
>
> -Nick
>
> On Aug 2, 2016, at 01:33, Bastiaan van Haastrecht <
> b.vanhaastrecht@gmail.com> wrote:
>
> Hello all,
>
> First I want to thank the Guacamole team for an exelent job. The whole
> software is just amazing and works very well.
>
> I do however am a little confused about the posibility of SSO to RDP.
> According to JIRA there should be an form of SSO posible, as all related
> have status DONE. https://glyptodon.org/jira/browse/GUAC-490
>
> But I'm unable to find any info on how to configure this. I would like to
> SSO the LDAP credentials to the RDP connections configured/accosiated in
> MySQL.
>
> Any guidance is very welcome.
>
> Kind Regards,
> Bastiaan
>
>
> ------------------------------
>
> This e-mail may contain SEAKR Engineering (SEAKR) Confidential and
> Proprietary Information. If this message is not intended for you, you are
> strictly prohibited from using this message, its contents or attachments in
> any way. If you have received this message in error, please delete the
> message from your mailbox. This e-mail may contain export-controlled
> material and should be handled accordingly.  ­­
>

Mime
View raw message