[ https://issues.apache.org/jira/browse/GUACAMOLE-687?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16734781#comment-16734781 ]
Michael Jumper commented on GUACAMOLE-687: ------------------------------------------ Testing against both {{guacamole/guacamole:0.9.14}} and {{guacamole/guacamole:1.0.0-RC1}} specifying the following: * {{LDAP_HOSTNAME}} (in my case the IP address of the Docker host) * An {{LDAP_USER_BASE_DN}} which does not contain the account used for {{LDAP_SEARCH_BIND_DN}} * An {{LDAP_USERNAME_ATTRIBUTE}} which is different from the default "uid" (I used same as your case: "cn") * An {{LDAP_SEARCH_BIND_DN}} which is outside the {{LDAP_USER_BASE_DN}} * {{LDAP_SEARCH_BIND_PASSWORD}} containing the password of the account specified by {{LDAP_SEARCH_BIND_DN}} I am unable to reproduce the problem described. Logins for all users in the directory work as expected with both images. No errors in the logs. > LDAP Failure in 1.0.0-RC1 (official docker hub image guacamole/guacamole) > ------------------------------------------------------------------------- > > Key: GUACAMOLE-687 > URL: https://issues.apache.org/jira/browse/GUACAMOLE-687 > Project: Guacamole > Issue Type: Bug > Components: guacamole-auth-ldap, guacamole-docker > Affects Versions: 1.0.0 > Reporter: Joshua Landon Key > Priority: Major > > I currently have a system up and running in docker with the following yml > compose file. I was planning on upgrading to the 1.0.0-RC1 image which was > made available less than a month ago on the docker hub to I used the > appropriate tags :1.0.0-RC1 instead of the :latest which is still using > 0.9.14. The problem that I am encountering is that given the appropriate > changes to the docker system I am presented with a running instance that > seems to work in all areas but one. LDAP Authentication fails with a message > indicating that it can not query the ldap system. when examining the network > calls through the browser dev tools I notice that it is the call to > /api/tokens which is failing and returning this failure message via a json > result. I want to note that the file below (with the *** replaced with the > appropriate values) works in version 0.9.14 but fails in 1.0.0-RC1. I have > also confirmed that by simply using the :latest and not the :1.0.0-RC1 that > the issue resolves itself (the DB has to be recreated but that is due to > schema differences). > {code:none|title=Docker Compose YML} > version: '3.0' > services: > guacd: > image: guacamole/guacd > volumes: > - drive:/drive:rw > - record:/record:rw > deploy: > replicas: 1 > postgres: > environment: > POSTGRES_DB: ********** > POSTGRES_PASSWORD: ********** > POSTGRES_USER: ********** > image: postgres > volumes: > - /usr/share/guac/init:/docker-entrypoint-initdb.d:ro > deploy: > replicas: 1 > guacamole: > depends_on: > - guacd > - postgres > environment: > GUACD_HOSTNAME: guacd > POSTGRES_DATABASE: ********** > POSTGRES_HOSTNAME: postgres > POSTGRES_PASSWORD: ********** > POSTGRES_USER: ********** > EXTENSIONS: auth-ldap > LDAP_HOSTNAME: ldap.**********.com > LDAP_USER_BASE_DN: OU=Employee,OU=Users,OU=Accounts,DC=**********,DC=com > LDAP_USERNAME_ATTRIBUTE: cn > LDAP_SEARCH_BIND_DN: > CN=**********,OU=Service,OU=Users,OU=Accounts,DC=**********,DC=com > LDAP_SEARCH_BIND_PASSWORD: ********** > image: guacamole/guacamole > deploy: > replicas: 1 > volumes: > drive: > driver: local > record: > driver: local > data: > driver: local > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)