guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From surfrock66 <surfroc...@surfrock66.com>
Subject Re: Path forward to get Guacamole working with AD LDAP?
Date Fri, 09 Aug 2019 22:56:47 GMT
Sorry for constant messages, but we have a working test case...when we target
an OU outside the root.  Referencing the above OU layout:

#LDAP/AD Properties
ldap-hostname:                   10.1.10.3
ldap-port:                           389
ldap-user-base-dn:              OU=Office2,DC=AD,DC=DOMAIN,DC=org
ldap-search-bind-dn:           CN=svcLDAPLookup,OU=Service
Accounts,DC=AD,DC=DOMAIN,DC=org
ldap-search-bind-password:  ********
ldap-follow-referrals:            true
ldap-username-attribute:      SAMAccountName

The user being tested is in an OU below the referenced base DN, so
traversing works, since anonymous binding is disabled the search user is
working, but if we change the base DN to hit the root of the domain and not
an OU, we get a null referral error.

I see nothing in my research about what in my AD might be causing a null
referral and instead see it as an issue in general with targeting root
domains, but this seems pretty DOA for our org.



--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org


Mime
View raw message