Intern

Hi

We use ldap for user authentication and connection assignments (ldap group name 
matches local guacamole group name and guacamole group is assigned to one or 
more connections). That works perfectly.
We can also create/modify users in guacamole_frontend to assign further 
permissions (still using ldap for authentication and ldap groups for connection 
assignment).

The problem occurs when we delete a user in guacamole_frontend.

  *   expected behavior: user is deleted from database. On next login (a new) 
user is auto-created - user can log in and can use the connections assigned by 
ldap-groups
  *   observed behavior: user cannot log in (Invalid Login). Logs show that 
user "was successfully authenticated by LDAP server" - no hint why the login is 
not possible

guacamole_frontend  | 08:27:04.323 [http-nio-8080-exec-3] INFO  o.a.g.a.l.AuthenticationProviderService - User "abc" was successfully authenticated by LDAP server "someserver".
guacamole_frontend  | 08:27:04.625 [http-nio-8080-exec-3] INFO  o.a.g.r.auth.AuthenticationService - User "abc" successfully authenticated from [ip, 172.18.0.2].

If I log in to guacamole_frontend with the adminuser which previously created 
the affected user, I still see the affected user! But I cannot delete the user.
If I log in to guacamole_frontend with guacadmin user, I cannot see the 
affected user.
I cannot find username in mysql database.
Purging mysql history tables has no effect.

Workaround: create user in guacamole_frontend (just set username - all other 
fields empty). Then the user can log in and use the connections assigned by the ldap 
group.

How can we remove this user completely so that it is re-created on next login?

We use guacd docker (1.5.5) with mysql database and ldap authentication. 
MYSQL_AUTO_CREATE_ACCOUNTS: true

Regards
Daniel
