guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hankins, Jonathan" <>
Subject Re: AD/LDAP Old/Disabled Users Still Listed?
Date Fri, 14 Jun 2019 21:19:11 GMT
Yes, but my point was that when guacamole reads the username from the login
form and does the LDAP query against AD, the marching is done case
sensitively, and will fail if your AD sAMAccountName or cn is in mixed case.

For example: AD user JoeUser can login to their Windows workstation as
"joeuser", but must login to guacamole as "JoeUser" (and also must be in
the Guacamole DB as "JoeUser") when authenticating against LDAP, IIRC.

Just something I ran into in my environment.

-Jonathan Hankins

On Fri, Jun 14, 2019 at 3:43 PM sciUser <>

> Windows usernames by default are not case sensitive, Active directory is
> case
> aware, unless you enable it to be case sensitive.
> Thank You
> -----
> A Cybersecurity Enablement Company
> We don't just run you through the motions, Our labs teach you how to
> think!
> Known good Guacamole  installations
> --
> Sent from:
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

Jonathan Hankins    Homewood City Schools

This e-mail is intended only for the recipient and may contain confidential 
or proprietary information. If you are not the intended recipient, the 
review, distribution, duplication or retention of this message and its 
attachments is prohibited. Please notify the sender of this error 
immediately by reply e-mail, and permanently delete this message and its 
attachments in any form in which they may have been preserved.

View raw message