From user-return-3188-archive-asf-public=cust-asf.ponee.io@guacamole.apache.org Fri Feb 2 23:09:10 2018 Return-Path: X-Original-To: archive-asf-public@eu.ponee.io Delivered-To: archive-asf-public@eu.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by mx-eu-01.ponee.io (Postfix) with ESMTP id 5C1B3180608 for ; Fri, 2 Feb 2018 23:09:09 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 4C01D160C25; Fri, 2 Feb 2018 22:09:09 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 4C165160C49 for ; Fri, 2 Feb 2018 23:09:08 +0100 (CET) Received: (qmail 67582 invoked by uid 500); 2 Feb 2018 22:09:02 -0000 Mailing-List: contact user-help@guacamole.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@guacamole.apache.org Delivered-To: mailing list user@guacamole.apache.org Received: (qmail 67566 invoked by uid 99); 2 Feb 2018 22:09:02 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 02 Feb 2018 22:09:02 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id 021C81A0CED for ; Fri, 2 Feb 2018 22:09:02 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 2.379 X-Spam-Level: ** X-Spam-Status: No, score=2.379 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=2, KAM_NUMSUBJECT=0.5, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd2-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id DqhjGg8dZfvX for ; Fri, 2 Feb 2018 22:09:00 +0000 (UTC) Received: from mail-ot0-f180.google.com (mail-ot0-f180.google.com [74.125.82.180]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id 7B0645F1EE for ; Fri, 2 Feb 2018 22:08:59 +0000 (UTC) Received: by mail-ot0-f180.google.com with SMTP id d9so21718668oth.6 for ; Fri, 02 Feb 2018 14:08:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:reply-to:in-reply-to:references:from:date:message-id :subject:to; bh=tcV9KHU+tid/9CPyHSS716G8GFj7lokRnUBVjeCVhi4=; b=T/FQb76TZo1EXZmui/PgaCV2lQAeLp3aor1aJvok1gdDBt3sR8hdzTATP8rVYp/REG Dfepo7qBT7nEV5bxySupDua3mY6wxJuu5uxbLPkO4DJx4/O0SquKKksUOxZEhJ+Nm9ii vrPyh/DTggMIPZNPLW9eriKSlRuNuyOpuzsBmIhdl/zzR0zqgpGKUYkMNgSLhOPnKp4+ 77qPTcUQ7Iz4xLBl3c/0kYdld1mUY9W1phVa0BSecKjhmOHVJoSbv4sCvju9/mD+GGsQ mukpJWOgVJHphj5FgUMgrGPPNZO7gORcsrg7H32BHcDP2Rosy9y0agRNLhWVSoofiqME raRg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :from:date:message-id:subject:to; bh=tcV9KHU+tid/9CPyHSS716G8GFj7lokRnUBVjeCVhi4=; b=jHWPULuwFTMm4D5yS02eKMipDjEx6WbDyn3cCCzgBkl+I2t0+LXKvPIk6IJn+jxwCC f45wJh8+S2ARcqib+8xjFqATfD+ICM+pnfvZ98Q6fkzj+44M/ga0PDVi0XsFAh/neMMT XVGfuYk04eH7UnMRFY10S96UcqUm7DQqiC2Fr3ESnr+LIqEgaMAclRDg2rPUI09Dgxw9 JWD0iQsQJiKg/NNNUAcKrOwEes4bYwJflMqUmXsYpVAhHyoi9YWywSyJeQP7JEkVgg5l unxVBmiJRCydIKE3wtmenaO1MKAoJJlKEJ9T8alpzd2uqov6K06M7IRbBu7AMA/nI3s8 7rJw== X-Gm-Message-State: AKwxytdK98DyKkecx5k8ApPVsVpJGZhI0j79m4xmJApD+rLP23JNzwHa 2k3v6LHJ+o90WYc8+XxLvnjtfVaniYCLNldP9mKfeCjP X-Google-Smtp-Source: AH8x226R9ER3JkwdNekgu7aGH6b1u4nQ1abezwz3NVZegB39z0bL1S5G50TpzEu0d2xzZWn18BLw3Kkgm1URKsr39gQ= X-Received: by 10.157.86.130 with SMTP id o2mr13008280oth.134.1517609337818; Fri, 02 Feb 2018 14:08:57 -0800 (PST) MIME-Version: 1.0 Received: by 10.74.187.137 with HTTP; Fri, 2 Feb 2018 14:08:57 -0800 (PST) Reply-To: aaron.newsome@anewsome.com In-Reply-To: References: From: Aaron Newsome Date: Fri, 2 Feb 2018 14:08:57 -0800 Message-ID: Subject: Re: LDAP Guacamole 9.14 To: user@guacamole.apache.org Content-Type: multipart/alternative; boundary="94eb2c0948187d129f056441f5ef" --94eb2c0948187d129f056441f5ef Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hello Ferron. I've got 0.9.14 running with LDAP authentication. I've actually used an identical config since 0.9.12 without any problems. Here's the LDAP section of my guacamole.properties file: ldap-hostname: ads-001.swiftlab.local ldap-port: 389 ldap-max-search-results: 3000 ldap-search-bind-dn: CN=3Dadministrator,CN=3DUsers,dc=3Dswiftlab,dc=3Dlocal ldap-search-bind-password: password ldap-username-attribute: sAMAccountName ldap-user-base-dn: CN=3DUsers,DC=3Dswiftlab,DC=3Dlocal ldap-group-base-dn: CN=3DUsers,DC=3Dswiftlab,DC=3Dlocal I also noticed that your running LDAP on port 3268. That's not the port that LDAP usually runs on, did you double check that your LDAP server is really running on port 3268? --Aaron On Fri, Feb 2, 2018 at 5:25 AM, Ferron Nijland - Switch IT Solutions < f.nijland@switch.nl> wrote: > Hello Everyone, > > > > I=E2=80=99ve installed a new installation of Guacamole 9.14. > > I can access the GUI and login with sql authentication. > > Now I=E2=80=99ve added LDAP authentication, but it doesn=E2=80=99t seem t= o work. > > The guacd service starts without problems, so I=E2=80=99ve no idea where = to look. > > > > My guacamole.properties in /etc/guacamole contains is like: > > > > # Hostname and port of guacamole proxy > > guacd-hostname: localhost > > guacd-port: 4822 > > > > # Location to read extra .jar's from > > lib-directory: /etc/guacamole/lib > > > > # Authentication provider class > > #auth-provider: net.sourceforge.guacamole.net.basic. > BasicFileAuthenticationProvider > > > > auth-provider: net.sourceforge.guacamole.net.auth.ldap. > LDAPAuthenticationProvider > > > > #LDAP Properties > > ldap-hostname: 10.75.10.12 > > ldap-port: 3268 > > ldap-user-base-dn: DC=3Ddomain,DC=3Dlocal > > ldap-search-bind-dn: CN=3Dsa_ ldap_guac,OU=3DService > Accounts,DC=3Ddomain,DC=3Dlocal > > ldap-search-bind-password: password > > ldap-username-attribute: sAMAccountName > > > > # Properties used by BasicFileAuthenticationProvider > > basic-user-mapping: /etc/guacamole/user-mapping.xml > > > > # MySQL properties > > mysql-hostname: localhost > > mysql-port: 3306 > > mysql-database: guacamole_db > > mysql-username: guacamole_user > > mysql-password: mypassword > > > > Met vriendelijke groet, > > > > *Ferron Nijland * > > > --94eb2c0948187d129f056441f5ef Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello Ferron. I've got 0.9.14 running with LDAP authen= tication. I've actually used an identical config since 0.9.12 without a= ny problems. Here's the LDAP section of my guacamole.properties file:

ldap-hostname: ads-001.swiftlab.local

ldap-port: 389

ldap-max-search-results: 3000

ldap-search-bind-dn: CN=3Dadministrator,CN=3DUsers= ,dc=3Dswiftlab,dc=3Dlocal

ldap-search-bind-password: password

ldap-username-attribute: sAMAccountName

ldap-user-base-dn: CN=3DUsers,DC=3Dswiftlab,DC=3Dl= ocal

ldap-group-base-dn: CN=3DUsers,DC=3Dswiftlab,DC=3D= local


I also noticed that your running LDAP on port 3268. That'= ;s not the port that LDAP usually runs on, did you double check that your L= DAP server is really running on port 3268?

--Aaron=


On Fri, Feb 2, 2018 at 5:25 AM, Ferron Nijland - Switch IT Soluti= ons <f.nijland@switch.nl> wrote:

Hello Everyone,

=C2=A0

I=E2=80=99ve installed a new in= stallation of Guacamole 9.14.

I can access the GUI and login = with sql authentication.

Now I=E2=80=99ve added LDAP aut= hentication, but it doesn=E2=80=99t seem to work.

The guacd service starts withou= t problems, so I=E2=80=99ve no idea where to look.

=C2=A0

My guacamole.properties in /etc= /guacamole contains is like:

=C2=A0

# Hostname and port of guacamol= e proxy

guacd-hostname: localhost

guacd-port:=C2=A0=C2=A0=C2=A0= =C2=A0 4822

=C2=A0

# Location to read extra .jar&#= 39;s from

lib-directory:=C2=A0 /etc/guaca= mole/lib

=C2=A0

# Authentication provider class=

#auth-provider: net.sourceforge.guacamole.net.ba= sic.BasicFileAuthenticationProvider

=C2=A0

auth-provider: net.sourceforge.guacamole.net.aut= h.ldap.LDAPAuthenticationProvider

=C2=A0

#LDAP Properties<= /span>

ldap-hostname: 10.75.10.12

ldap-port: 3268

ldap-user-base-dn: DC=3Ddomain,= DC=3Dlocal

ldap-search-bind-dn: CN=3Dsa_ l= dap_guac,OU=3DService Accounts,DC=3Ddomain,DC=3Dlocal<= /p>

ldap-search-bind-password: pass= word

ldap-username-attribute: sAMAcc= ountName

=C2=A0

# Properties used by BasicFileA= uthenticationProvider

basic-user-mapping: /etc/guacam= ole/user-mapping.xml

=C2=A0

# MySQL properties

mysql-hostname: localhost

mysql-port: 3306<= /span>

mysql-database: guacamole_db=

mysql-username: guacamole_user<= u>

mysql-password: mypassword

=C2=A0

Met vriendelijke groet,

Ferron Nijland

=C2=A0


--94eb2c0948187d129f056441f5ef--