RE: ldap-servers.yml not working

Thu, 18 Jul 2024 07:08:37 -0700 

Lucian,

The only thing in my guacamole.properties file is:
guacd-hostname: 127.0.0.1
guacd-port: 4822

# MySQL properties
mysql-hostname: 127.0.0.1
mysql-database: guacamole_db
mysql-username: redacted
mysql-password: redacted

#LDAPS properties
#commented out properties for testing

The only difference I see between our ldap-servers.yml files are you're using a 
search filter and I'm not.  Unless there's some weird formatting with yml files 
that I'm just missing...


From: Luciano Oliveira <olluci...@outlook.com>
Sent: Thursday, July 18, 2024 8:12 AM
To: user@guacamole.apache.org
Subject: RE: ldap-servers.yml not working

EXTERNAL EMAIL: Do not click any links or open any attachments unless you trust 
the sender and know the content is safe.

Look, my ldap-servers.yml

- hostname: ldap.domain.local
  port: 636
  encryption-method: ssl
  user-base-dn: dc=domain,dc=local
  match-usernames:
    - LOCAL\\(.*)
    - (.*)@domain\.local
  username-attribute: sAMAccountName
  search-bind-dn: cn=srv_gcd,ou=ServicesAuth,dc=domain,dc=local
  search-bind-password: passwordXsds224e
  user-search-filter: 
(&(&(objectClass=user)(objectCategory=person))(memberof=cn=acess_guacd,ou=Groups,dc=domain,dc=local))

- hostname: ldap.sub.domain.local
  port: 636
  encryption-method: ssl
  user-base-dn: dc=sub,dc=domain,dc=local
  match-usernames:
    - SUB\\(.*)
    - (.*)@sub\.domain\.local
  username-attribute: sAMAccountName
  search-bind-dn: cn=srv_sub_gcd,ou=ServicesAuth,dc=sub,dc=domain,dc=local
  search-bind-password: passwordXX5485
  user-search-filter: 
(&(&(objectClass=user)(objectCategory=person))(memberof=cn=accesso_guaca_sub,ou=Groups,dc=sub,dc=domain,dc=local))

Remember that the guacamole.properties file should only contain the 
configuration:
"auth-provider: 
net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider" and others.

The LDAP parameters should only be in the ldap-servers.yml file.

At.te,

Luciano!


________________________________
De: Michael Jumper <mjum...@apache.org<mailto:mjum...@apache.org>>
Enviado: quarta-feira, 17 de julho de 2024 15:23
Para: user@guacamole.apache.org<mailto:user@guacamole.apache.org> 
<user@guacamole.apache.org<mailto:user@guacamole.apache.org>>
Assunto: Re: ldap-servers.yml not working

On 7/17/24 10:18 AM, Nic Fargo wrote:
> I'm trying to use the multiple LDAP servers settings discussed in the
> Apache Guacamole Manual v1.5.5.  I'm not sure if there's a flag that
> needs to be in /etc/guacamole/guacamole.properties to use the
> ldap-servers.yml file, or if it uses it automatically when present.

It's automatically read and used when present and readable.

> My ldap-servers.yml has the following data: ...

What are the permissions on this file?

What do you see in your Guacamole logs?

- Mike

---------------------------------------------------------------------
To unsubscribe, e-mail: 
user-unsubscr...@guacamole.apache.org<mailto:user-unsubscr...@guacamole.apache.org>
For additional commands, e-mail: 
user-h...@guacamole.apache.org<mailto:user-h...@guacamole.apache.org>

Reply via email to