From user-return-4551-archive-asf-public=cust-asf.ponee.io@guacamole.apache.org Mon Oct 1 15:15:22 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id AAAD5180660 for ; Mon, 1 Oct 2018 15:15:21 +0200 (CEST) Received: (qmail 57361 invoked by uid 500); 1 Oct 2018 13:15:20 -0000 Mailing-List: contact user-help@guacamole.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@guacamole.apache.org Delivered-To: mailing list user@guacamole.apache.org Received: (qmail 57351 invoked by uid 99); 1 Oct 2018 13:15:20 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 01 Oct 2018 13:15:20 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 44253C13A2 for ; Mon, 1 Oct 2018 13:15:20 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.212 X-Spam-Level: * X-Spam-Status: No, score=1.212 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URI_HEX=1.313] autolearn=disabled Authentication-Results: spamd1-us-west.apache.org (amavisd-new); dkim=pass (1024-bit key) header.d=pcfreak.de Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id Z1rUF4y0iL76 for ; Mon, 1 Oct 2018 13:15:17 +0000 (UTC) Received: from mail-wr1-f49.google.com (mail-wr1-f49.google.com [209.85.221.49]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id A284A5F4ED for ; Mon, 1 Oct 2018 13:15:17 +0000 (UTC) Received: by mail-wr1-f49.google.com with SMTP id e4-v6so79751wrs.0 for ; Mon, 01 Oct 2018 06:15:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pcfreak.de; s=google; h=from:to:subject:references:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding; bh=UIfZHuQv0gzss5mSAegX6sKXuJ4LoYKKtdXBBExieHo=; b=J0cPuilCs345iKEIRqsbgFYSJPe/sP7rFVVxBfj5YrHnHlAX8IG0gCMjHiUXh8w4/k nchqG829iavPi7PZArfOYcuTN2AX8bmZgb1OYUvN0pkeEYm/OTc4gw8atyR1KpHxWzIW F6INLEecTBeC1SjCA/A9lafvB1IBraW/y4BOo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:references:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=UIfZHuQv0gzss5mSAegX6sKXuJ4LoYKKtdXBBExieHo=; b=GKaZn4isn/WhKrGp+3V98ia7W5Nrrm293LDOQbW4N+vv5oIuTLoZH49J0E5pOSnBb9 luXBtr+eFXDmnnuxjU0lhkpiMqY7bNEIAaBIDasyg/dmw9HNwYQOS3k8hqiYnABc2yFF q/pa/VFTfbpleeMEYfeog64pbi542hQd7LIEZ08KsN2BpU810KL4WNDWFCWoGEfcUjF0 ZsQxWy6dMn0ZRCZSxl/UikjmS6DQFV/HzpVsSgd7Y0Bfgt1IQCGTTmzVLOtEy2Ypm196 n6VfUcZcFDPOT18fy/Awz0Bd9MGi/IzSgTm6sfZXCfIqxmAccP0dRM+q30dB7o4t4fct 13/Q== X-Gm-Message-State: ABuFfohG9j0Yy1Zc076w7mR1MO4GYtve2YAcCNBBsJTXPVTJaX10S2q9 FwE8Ub1pOHAg/v8iCHHEWefdxhQztTE= X-Google-Smtp-Source: ACcGV61OFfHcMv7J8WAHpjy71hMP6NAxgYLNhZ9EFicb19YFvZ/RhLuZlJsvFybChtZNXl+oqF/B/Q== X-Received: by 2002:adf:f44b:: with SMTP id f11-v6mr6845590wrp.305.1538399716074; Mon, 01 Oct 2018 06:15:16 -0700 (PDT) Received: from [10.110.180.53] (inetpop1.witron.de. [195.243.201.20]) by smtp.googlemail.com with ESMTPSA id w4-v6sm7659986wra.83.2018.10.01.06.15.15 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 01 Oct 2018 06:15:15 -0700 (PDT) From: Der PCFreak To: user@guacamole.apache.org Subject: Re: LDAP authentication problem References: <1537957555514-0.post@n4.nabble.com> <1538033394852-0.post@n4.nabble.com> <1538037132470-0.post@n4.nabble.com> <1538384554770-0.post@n4.nabble.com> <1538398907876-0.post@n4.nabble.com> Message-ID: Date: Mon, 1 Oct 2018 15:15:14 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.0 MIME-Version: 1.0 In-Reply-To: <1538398907876-0.post@n4.nabble.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit On 10/1/2018 3:01 PM, Galyrith wrote: > Here is my guacamole.properties file: > # LDAP Properties > ldap-hostname: pin.isim.intra > ldap-port: 389 > ldap-user-base-dn: OU=Comptes,DC=isim,DC=intra > ldap-search-bind-dn: CN=Bind,OU=Comptes,DC=isim,DC=intra > ldap-search-bind-password: xxxxxxx > ldap-username-attribute: sAMAccountName > ldap-max-search-results: 10000 > > In > ldap-user-base-dn: OU=Comptes,DC=isim,DC=intra > i have all users of the LDAP directory. > > i would like to make my ldap request further in my tree: > > Ideally in th ou "Etudiants". > > so I modify my guacamole.properties file like that: > > # LDAP Properties > ldap-hostname: pin.isim.intra > ldap-port: 389 > ldap-user-base-dn: OU=Etudiants,OU=Comptes,DC=isim,DC=intra > ldap-search-bind-dn: CN=Bind,OU=Comptes,DC=isim,DC=intra > ldap-search-bind-password: xxxxx > ldap-username-attribute: sAMAccountName > ldap-max-search-results: 10000 > ldap-follow-referrals: true > ldap-max-referral-hops: 5 > > but it doesn't work. > > > > > -- > Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/ I run Guacamole with docker-compose, where the configuration is slightly different but maybe you could find out where your error is by looking at my settings (yours adapted):       LDAP_HOSTNAME: pin.isim.intra       LDAP_PORT: 389       LDAP_USER_BASE_DN: OU=Etudiants,OU=Comptes,DC=isim,DC=intra       LDAP_USERNAME_ATTRIBUTE: CN,sAMAccountName       LDAP_SEARCH_BIND_DN: binduser@pin.isim.intra       LDAP_SEARCH_BIND_PASSWORD: yourpassword So it could be, that you have to fix ldap-search-bind-dn and ldap-username-attribute in your version. Mine is for Microsoft Active Directory and hopefully you get it running somehow. Regards Peter