[
https://issues.apache.org/jira/browse/GUACAMOLE-1211?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17232679#comment-17232679
]
Fabian I commented on GUACAMOLE-1211:
-------------------------------------
Thank you for the auth-provider hint. We removed it from our config.
There is no difference in the username supplied in the different attempts.
If they are completely new users they should exist in the database, don't
they? Or does the LDAP Plugin import all users from the AD Group (maybe in
different case) and that is the reason for the message?
> LDAP + TOTP + MySQL: User already exists
> ----------------------------------------
>
> Key: GUACAMOLE-1211
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1211
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole, guacamole-auth-jdbc-mysql,
> guacamole-auth-ldap, guacamole-auth-totp
> Affects Versions: 1.2.0
> Reporter: Fabian I
> Priority: Minor
>
> Versions in use:
> * guacamole-auth-totp-1.2.0.jar
> * guacamole-auth-ldap-1.2.0.jar
> * guacamole-auth-jdbc-mysql-1.2.jar
> * guacamole 1.2
> * Tomcat9
> * MariaDB 10.3.25
> * Ubuntu Server 20.04.1
>
> Issue description:
> User 1 does his first login on Guacamole over LDAPS. After entering the
> correct credentials Guacamole says that the user already exists and aborts
> the logon. User 1 does his second login on Guacamole over LDAPS and gets
> successfully redirected to TOTP setup. Authentication is against Active
> Directory.
>
> Content of guacamole.properties:
> {code:java}
> #
> # MySQL properties
> #
> mysql-hostname: server
> mysql-port: port
> mysql-database: database
> mysql-username: user
> mysql-password: password
> mysql-auto-create-accounts: true
> #
> # TOTP properties
> #
> totp-issuer name
> totp-digits 6
> totp-period 30
> totp-mode sha1
> #
> # LDAP properties
> #
> auth-provider: net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider
> ldap-hostname: hostname
> ldap-port: 636
> ldap-encryption-method: ssl
> ldap-max-search-results: 100
> ldap-search-bind-dn: bind-dn
> ldap-search-bind-password: bind-password
> ldap-user-base-dn: base-dn
> ldap-username-attribute: sAMAccountName
> ldap-member-attribute: member
> #ldap-member-attribute-type: dn
> #ldap-user-attributes:
> ldap-user-search-filter: (search-filter)
> #ldap-config-base-dn:
> #ldap-group-base-dn:
> #ldap-group-name-attribute:
> #ldap-dereference-aliases:
> ldap-follow-referrals: false
> #ldap-max-referral-hops:
> ldap-operation-timeout: 10
> {code}