On Sat, Aug 10, 2019 at 12:11 AM surfrock66 <[email protected]> wrote:
> > > > What happens when you put the user base DN to the root, but set > > "ldap-follow-referrals" to "false"? > > > > It doesn't work, I get the following in the logs 3 times, then auth fails: > > WARN o.a.g.auth.ldap.ObjectQueryService - Given a referral, but referrals > are disabled. Error was: Referral > These are just warnings from the Guacamole perspective, not an actual failure. > > I am not sure if it's because my base dn is the root of the domain, but the > GC workaround isn't working either. > > > No, this is not why it's failing - I have my base DN set to the root of my domain, and it works fine. Here is my config (with sensitive details tweaked slightly): ldap-hostname: ldap.mycompany.com ldap-port: 389 ldap-encryption-method: none ldap-search-bind-dn: CN=Guac_Search,OU=Service Accounts,OU=Data Center,DC=mycompany,DC=com ldap-search-bind-password: 1mashedAvacado! ldap-user-base-dn: dc=mycompany,dc=com ldap-username-attribute: sAMAccountName ldap-follow-referrals: false If both this and the GC work-around aren't working, something else is going on. Have you enabled debug logging, yet, on the Guacamole Client side, and see what messages show up there? Here's the instructions on that: http://guacamole.apache.org/doc/gug/configuring-guacamole.html#webapp-logging -Nick
