guacamole-user mailing list archives

From "Hawkins, Richard" <richard.hawk...@medctrbarbour.org>
Subject RE: LDAP Active Directory
Date Fri, 06 Jan 2017 14:07:44 GMT
Not sure if this will help.   But here are my working settings.

This is how I set mine up on CentOS 7 to get AD working.  I don't use
the schemas because I don't want them embedded in my AD.  

<------   Believe it or not..  The spacing makes a difference on this
file...

/etc/guacamole  

# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port:     4822

ldap-hostname: dc01.DOMAINNAME.org
ldap-port: 3268
<----------I required this port for server 2012<remove this comment>
ldap-user-base-dn: DC=DOMAINNAME, DC=org
ldap-search-bind-dn: CN=lookup, CN=Users, DC= DOMAINNAME, DC=org
ldap-search-bind-password: BINDPASSWORD
ldap-username-attribute: sAMAccountName

# MySQL properties
mysql-hostname: localhost
mysql-port: 3306
mysql-database: guac_db
mysql-username: guacadmin
mysql-password: SQLPASSWORD
mysql-default-max-connections-per-user: 0
mysql-default-max-group-connections-per-user: 0

___________________________________________________________________
Inside of /var/lib/guacamole
drwxr-xr-x.  4 root root    4096 Dec 15 04:56 .
drwxr-xr-x. 34 root root    4096 Dec 28 10:05 ..
drwxr-xr-x.  2 root root    4096 Dec 15 03:29 extensions
-rw-r--r--.  1 root root 8004327 Dec  3 20:02 guacamole-0.9.10-incubating.war
drwxr-xr-x.  2 root root      48 Oct  5 17:38 lib

Inside of extensions

drwxr-xr-x. 2 root root    4096 Dec 15 03:29 .
drwxr-xr-x. 4 root root    4096 Dec 15 04:56 ..
-rw-r--r--. 1 root root 3934673 Dec 14 14:22 guacamole-auth-jdbc-mysql-0.9.10-incubating.jar
-rw-r--r--. 1 root root 1196799 Dec 14 14:22 guacamole-auth-ldap-0.9.10-incubating.jar

Inside of /var/lib/tomcat/webapps

drwxrwxr-x.  3 root   tomcat   58 Dec 19 00:22 .
drwxr-xr-x.  3 root   tomcat   20 Nov  5 20:57 ..
drwxr-xr-x. 11 tomcat tomcat 4096 Dec 28 10:24 guacamole
lrwxrwxrwx.  1 root   root     50 Dec 15 04:59 guacamole.war -> /var/lib/guacamole/guacamole-0.9.10-incubating.war                <----- Notice this is a link<REMOVE THIS COMMENT>
-rw-r--r--.  1 root   root   2264 Oct  6 03:17 .keystore


Commands:
service tomcat restart 

tail -f /var/log/messages


Also, you have to log in as a domain user to see the domain users, but
you will have to set up that admin user inside of Guac first.


-----Original Message-----
From: BeardFace [mailto:mja@sittingbourne.kent.sch.uk] 
Sent: Friday, January 06, 2017 6:24 AM
To: user@guacamole.incubator.apache.org
Subject: LDAP Active Directory

Good afternoon,

Have followed many guides (starting from the official documentation) and
I am struggling to get LDAP Authentication with Active Directory
working. The server itself can connect to LDAP via ldapsearch. The MySQL
authentication is working a treat, but would like the LDAP working too
with MySQL storing the connection information so I don't have to change
the schemas.

This comes up in the Catalina log.

DEBUG o.a.g.a.l.AuthenticationProviderService - Anonymous bind is not
currently allowed by the LDAP authentication provider.

and the guacamole.properties file is as follows:

# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822

# Location to read extra .jar's from
#lib-directory: /var/lib/tomcat8/webapps/guacamole/WEB-INF/classes
#lib-directory: /etc/guacamole/extensions

# Authentication provider class
#auth-provider: org.apache.guacamole.auth.ldap.LDAPAuthenticationProvider

# Properties used by BasicFileAuthenticationProvider
#basic-user-mapping: /etc/guacamole/user-mapping.xml

# LDAP properties
ldap-hostname: <IP_Address>
ldap-port: 389
ldap-user-base-dn: OU=Staff,OU=Domain Users,DC=MyDomain,DC=com
ldap-serach-bind-dn: CN=Administrator,OU=Admins,OU=Domain Users,DC=MyDomain,DC=com
ldap-search-bind-password: SetPassword
ldap-username-attribute: sAMAccountName

# MySQL properties
mysql-hostname: localhost
mysql-port: 3306
mysql-database: guacamole
mysql-username: guacamole
mysql-password: SetPassword

Any help would be appreciated.



--
View this message in context:
http://apache-guacamole-incubating-users.2363388.n4.nabble.com/LDAP-Active-Directory-tp222.html
Sent from the Apache Guacamole (incubating) - Users mailing list archive
at Nabble.com.
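
Added example (not part of either message above, and not Guacamole project code): a small Python check that compares the key names in a guacamole.properties file against an expected set and reports near-miss spellings, run here on a constructed sample modelled on the quoted file. The expected set is an assumption, taken from the property names in the working configuration in the reply.

```python
import difflib
import re

# Assumption: expected names are those in the working config in the reply above.
KNOWN_KEYS = sorted({
    "guacd-hostname", "guacd-port",
    "ldap-hostname", "ldap-port", "ldap-user-base-dn",
    "ldap-search-bind-dn", "ldap-search-bind-password",
    "ldap-username-attribute",
    "mysql-hostname", "mysql-port", "mysql-database",
    "mysql-username", "mysql-password",
    "mysql-default-max-connections-per-user",
    "mysql-default-max-group-connections-per-user",
})

# Constructed sample modelled on the quoted guacamole.properties (placeholder values).
SAMPLE = """\
# LDAP properties
ldap-hostname: 192.0.2.10
ldap-port: 389
ldap-user-base-dn: OU=Staff,OU=Domain Users,DC=MyDomain,DC=com
ldap-serach-bind-dn: CN=Administrator,OU=Admins,OU=Domain Users,DC=MyDomain,DC=com
ldap-search-bind-password: SetPassword
ldap-username-attribute: sAMAccountName
"""

def lint_properties(text, known=KNOWN_KEYS):
    """Return (line_number, message) findings for guacamole.properties text."""
    findings, seen = [], set()
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue  # blank line or comment
        match = re.match(r"[^:=\s]+", line)  # key ends at ':', '=' or whitespace
        key = match.group(0) if match else line
        seen.add(key)
        if key in known:
            continue
        near = difflib.get_close_matches(key, known, n=1, cutoff=0.8)
        hint = f"; did you mean '{near[0]}'?" if near else ""
        findings.append((number, f"unknown property '{key}'{hint}"))
    # Cross-check: a bind password with no bind DN usually means a misnamed key.
    if "ldap-search-bind-password" in seen and "ldap-search-bind-dn" not in seen:
        findings.append((0, "ldap-search-bind-password is set but ldap-search-bind-dn is not"))
    return findings

if __name__ == "__main__":
    for number, message in lint_properties(SAMPLE):
        print(f"line {number}: {message}")
```

A value wrapped onto a second line, or a stray annotation left in the file, is also reported as an unknown property, because the parser reads its first token as a key.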
