On Mon, May 13, 2019 at 9:48 AM Ciro Iriarte <[email protected]> wrote:
> Hello, > > Installed GIT 1.1.0 version of Guacamole using > https://github.com/Zer0CoolX/guacamole-install-rhel, it mostly works > but I'm having issues with the LDAP integration. > > Doing a ldapsearch from the server, everything is fine, filter works, > I get the expected users but using the application I get: > > may 13 08:41:41 tools01.lab.lan server[14257]: 08:41:41.552 > [http-bio-8080-exec-5] ERROR o.a.g.auth.ldap.ObjectQueryService - > Could not follow referral: null > may 13 08:41:41 tools01.lab.lan server[14257]: 08:41:41.553 > [http-bio-8080-exec-5] ERROR o.a.g.a.l.AuthenticationProviderServi > ce - Cannot bind with LDAP server: Unable to query list of objects > from LDAP directory. > may 13 08:41:41 tools01.lab.lan server[14257]: 08:41:41.554 > [http-bio-8080-exec-5] WARN o.a.g.r.auth.AuthenticationService - > Authentication attempt from 10.2.0.204 for user "liriarte" failed. > > > Current configuration: > > ldap-hostname: dc01.lab.lan > ldap-port: 636 > ldap-encryption-method: ssl > ldap-user-base-dn: dc=lab,dc=lan > ldap-search-bind-dn: cn=guacauser,cn=Users,dc=lab,dc=lan > ldap-search-bind-password: SuperSecure > ldap-username-attribute: sAMAccountName > ldap-user-search-filter: > > (&(memberOf=cn=svcGuacamole,cn=Users,dc=lab,dc=lan)(objectclass=organizationalPerson)(!(userAccountControl:1.2.840.113556.1.4.803:=2))) > ldap-follow-referrals: true > You've explicitly enabled following referrals, and there's some sort of issue with it actually following the referrals, as indicated in the error message, above. I would try disabling following referrals and see if that works properly, and go from there. It looks like the referral that it is trying to follow has some sort of null reference, so, somehow either the referral is bad, perhaps a permissions error is blocking it, something like that. -Nick
