Re: ldap question

Mon, 22 Oct 2018 12:01:08 -0700 

On Mon, Oct 22, 2018 at 11:46 AM Angel Elena <[email protected]> wrote:

> ...
> >
> > # zeus, craem.net <http://craem.net>
> > dn: cn=zeus,dc=craem,dc=net
> > objectClass: guacConfigGroup
> > objectClass: groupOfNames
> > cn: zeus server
> > cn: zeus
> > guacConfigProtocol: ssh
> > guacConfigParameter: hostname=zeus
> > guacConfigParameter: port=22
> > member: cn=angel,ou=zarafa-users,dc=craem,dc=net
> >
> >
> >
> > According to what you've posted, the DN of this user is "cn=Angel
> > Elena,cn=zarafa-users,dc=craem,dc=net", not "cn=angel,ou=...". The DN
> specified
> > in the member attribute here will not match.
> >
> > - Mike
> >
> >
>
> Ok, I try with another user:
>
> root@asterisk:~# ldapsearch -h localhost -p 389 -x -b "dc=craem,dc=net"
>
> # convidat, zarafa-users, craem.net
> dn: cn=convidat,cn=zarafa-users,dc=craem,dc=net
> givenName: convidat
> sn: guifi
> cn: convidat
> uid: convidat
> uidNumber: 1027
> gidNumber: 500
> homeDirectory: /home/users/convidat
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: top
> objectClass: radiusprofile
> dialupAccess: 1
>
>
> # zeus, craem.net
> dn: cn=zeus,dc=craem,dc=net
> objectClass: guacConfigGroup
> objectClass: groupOfNames
> cn: zeus server
> cn: zeus
> guacConfigProtocol: ssh
> guacConfigParameter: hostname=zeus
> guacConfigParameter: port=22
> member: cn=convidat,cn=zarafa-users,dc=craem,dc=net
> member: cn=Angel Elena,cn=zarafa-users,dc=craem,dc=net
>
>
> With the same result.... no servers displayed, but i can login.
>
> dn (distinguised name) = convidat  I think that all data is correct.
>
>
You will also need to specify the "ldap-config-base-dn" property. I don't
see this property in your earlier posts of your guacamole.properties. From
the section of the Guacamole manual covering installation and configuration
of LDAP support:

"ldap-config-base-dn
The base of the DN for all Guacamole configurations. This property is
optional. If omitted, the configurations of Guacamole connections will
simply not be queried from the LDAP directory. ..."

See: http://guacamole.apache.org/doc/gug/ldap-auth.html

- Mike

Reply via email to