[
https://issues.apache.org/jira/browse/GUACAMOLE-1211?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17232739#comment-17232739
]
Nick Couchman commented on GUACAMOLE-1211:
------------------------------------------
[~userman317]: No, the LDAP plugin does not automatically create database
users. You either need to manually create the users, or enable the auto user
creation in the JDBC module. This is documented in the manual:
http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-auto-create
> LDAP + TOTP + MySQL: User already exists
> ----------------------------------------
>
> Key: GUACAMOLE-1211
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1211
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole, guacamole-auth-jdbc-mysql,
> guacamole-auth-ldap, guacamole-auth-totp
> Affects Versions: 1.2.0
> Reporter: Fabian I
> Priority: Minor
>
> Versions in use:
> * guacamole-auth-totp-1.2.0.jar
> * guacamole-auth-ldap-1.2.0.jar
> * guacamole-auth-jdbc-mysql-1.2.jar
> * guacamole 1.2
> * Tomcat9
> * MariaDB 10.3.25
> * Ubuntu Server 20.04.1
>
> Issue description:
> User 1 does his first login on Guacamole over LDAPS. After entering the
> correct credentials Guacamole says that the user already exists and aborts
> the logon. User 1 does his second login on Guacamole over LDAPS and gets
> successfully redirected to TOTP setup. Authentication is against Active
> Directory.
>
> Content of guacamole.properties:
> {code:java}
> #
> # MySQL properties
> #
> mysql-hostname: server
> mysql-port: port
> mysql-database: database
> mysql-username: user
> mysql-password: password
> mysql-auto-create-accounts: true
> #
> # TOTP properties
> #
> totp-issuer name
> totp-digits 6
> totp-period 30
> totp-mode sha1
> #
> # LDAP properties
> #
> auth-provider: net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider
> ldap-hostname: hostname
> ldap-port: 636
> ldap-encryption-method: ssl
> ldap-max-search-results: 100
> ldap-search-bind-dn: bind-dn
> ldap-search-bind-password: bind-password
> ldap-user-base-dn: base-dn
> ldap-username-attribute: sAMAccountName
> ldap-member-attribute: member
> #ldap-member-attribute-type: dn
> #ldap-user-attributes:
> ldap-user-search-filter: (search-filter)
> #ldap-config-base-dn:
> #ldap-group-base-dn:
> #ldap-group-name-attribute:
> #ldap-dereference-aliases:
> ldap-follow-referrals: false
> #ldap-max-referral-hops:
> ldap-operation-timeout: 10
> {code}