On Fri, Apr 5, 2024 at 3:44 PM Chris Jordan wrote:
> Johnnie,
>
> In your guacamole properties, you can configure the extension priority so
> that you can hit the guacamole login screen without being automatically
> redirected to your IdP. This should allow you to still log in guacadmin (or
>
Johnnie,
In your guacamole properties, you can configure the extension priority so
that you can hit the guacamole login screen without being automatically
redirected to your IdP. This should allow you to still log in guacadmin (or
any non-SSO account), while preserving your SSO functionality. You
I created a guacadmin account in the IDP, this works and let's you use the
guacadmin account as normal.
On Fri, 5 Apr 2024, 19:59 Johnnie W Adams, wrote:
> Hi, folks,
>
> I've inherited a single instance of Guacamole which is behind SSO.
>
> This is unfortunate, because I can't log in
The docs don't allow for better linking, but Guacamole has support for reading
groups from the JWT. You have to do some work ahead of time in Guacamole itself
to set up a group named after your "admin group", giving the group "Administer
System" permissions (and others).