2

After I configured the configuration below, it doesn't connect to the Active Directory. I can't log in with an account of the Active Directory. What could be the problem?

I have an Ubuntu server 18.04 with Apache Guacamole v1.0.0 installed. I want to use LDAP authentication to authenticate users. I have downloaded the guacamole-auth-ldap-1.0.0.jar and jldap-4.3.jar extensions.

```
ldap-hostname: 10.10.10.21, 10.10.10.22
ldap-port: 389
ldap-user-base-dn: OU=Users,DC=zoz,DC=lan
ldap-username-attribute: CN
ldap-config-base-dn: OU=Users,DC=zoz,DC=lan
ldap-encryption-method: none
```

I expect it should connect to the domain controller. But when I use the command "ldapsearch" it gives me the error that it can't contact the LDAP-server.

Jurre
  • It seems like a network issue (not an LDAP issue). What is the output of `telnet 10.10.10.21 389` on the machine that runs Guacamole? – EricLavault May 15 '19 at 10:56
  • The output of `telnet 10.10.10.21 389` on my server is: Trying 10.10.10.21... Connected to 10.10.10.21. Escape character is '^]'. – Jurre May 16 '19 at 11:40
  • Ok so it's *not* a network issue. Did you try to set just 1 host, `ldap-hostname: 10.10.10.21`? Please provide any logs/error output. – EricLavault May 16 '19 at 11:46
  • Sorry for my late reaction. In the meantime I added the following statements to guacamole.properties: `ldap-search-bind-dn: CN=Jurre de Vries,OU=Students,OU=Users,DC=zoz,DC=lan` followed by `ldap-search-bind-password: ******`. When I authenticate in Guacamole with username Jurre de Vries and password ******, the error I get in Guacamole is: Unable to query list of objects from LDAP directory. While catalina.out says: [http-nio-8080-exec-1] INFO o.a.g.r.auth.AuthenticationService - User "Jurre de Vries" succesfully authenticated from 10.70.247.171. – Jurre May 31 '19 at 08:20

1 Answer

0

Please try this:

```
ldap-hostname: 
ldap-port:
ldap-username-attribute: sAMAccountName
ldap-encryption-method: none
ldap-search-bind-dn: binduser@domain.com
ldap-search-bind-password: password
ldap-config-base-dn: dc=domain,dc=local
ldap-user-base-dn: OU=myou,DC=domain,DC=local
ldap-user-search-filter:(objectClass=user)(!(objectCategory=computer))
ldap-max-search-results:400
```

Restart Tomcat and guacd.

Jobin James
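The following is an added example, not part of the question, the answer or Guacamole's own code: a small reviewer for the LDAP settings discussed on this page, run against the question's configuration. It assumes, per the Guacamole LDAP documentation, that when `ldap-search-bind-dn` is absent the user's bind DN is built as `<ldap-username-attribute>=<login>,<ldap-user-base-dn>`; all function names are hypothetical.

```python
# Added example, not Guacamole code; function names are hypothetical.
QUESTION_CONFIG = """\
ldap-hostname: 10.10.10.21, 10.10.10.22
ldap-port: 389
ldap-user-base-dn: OU=Users,DC=zoz,DC=lan
ldap-username-attribute: CN
ldap-config-base-dn: OU=Users,DC=zoz,DC=lan
ldap-encryption-method: none
"""

def parse_properties(text):
    """Parse 'key: value' lines, skipping blank lines and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition(":")
            props[key.strip()] = value.strip()
    return props

def escape_rdn_value(value):
    """Escape the RFC 4514 special characters in an RDN value."""
    body = "".join("\\" + c if c in ',+"\\<>;=' else c for c in value)
    if value.startswith((" ", "#")):
        body = "\\" + body
    if value.endswith(" ") and len(value) > 1:
        body = body[:-1] + "\\ "
    return body

def derived_user_dn(props, login):
    """DN used for the user's bind when no search bind DN is set (assumed)."""
    if props.get("ldap-search-bind-dn"):
        return None  # the DN is found by searching under ldap-user-base-dn
    attr = props.get("ldap-username-attribute", "uid")
    return f"{attr}={escape_rdn_value(login)},{props['ldap-user-base-dn']}"

def review(props):
    """Return (code, message) findings for the settings discussed above."""
    findings = []
    if props.get("ldap-encryption-method", "none") == "none":
        findings.append(("cleartext-bind", "bind password sent unencrypted; use ssl or starttls"))
    if "," in props.get("ldap-hostname", ""):
        findings.append(("multiple-hosts", "test with a single host, as the comment suggests"))
    if not props.get("ldap-search-bind-dn"):
        findings.append(("no-search-bind", "users in sub-OUs will not match the derived DN"))
    return findings

if __name__ == "__main__":
    print(review(parse_properties(QUESTION_CONFIG)))
```

For the login "Jurre de Vries" the derived DN is `CN=Jurre de Vries,OU=Users,DC=zoz,DC=lan`, while the asker's comment gives the account's DN under `OU=Students,OU=Users`, so a direct bind with the original configuration would target a DN that differs from the account's.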