Hi PlayerOne and vnick, I think I also read that MySQL creates a salted password when a new user is created - but I wasn't sure.
But when guacadmin was administrating that new user, for example by adding a Group or adding Connections, The web GUI would report "Passwords not identical" for the two user password fields. I would then have guacadmin delete both passwords, allowing the changed user to be saved. I then found that the user could logon with no password = alarm bells. Hence to make sure that couldn't happen, whenever I created a user via the MySQL command line, I explicitly used a Powershell/.Net method to generate a password and assign it to the new user. And now I know that whenever a user is administrated via the web GUI, a random password must be provided by guacadmin. All this applicable when using Radius with MySQL - I haven't adequately tested any other authentication combinations. Not sure if my understandings are correct though. -David -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
