Mike, you´re the men, using that paramenter worked, thanks so much. About the users that doesn´t appear when logged in, i´m using for test my User AD to connect ldap and do the search, i´m a domain admin in the ad, so i have much more permissions that i need to do that, i don´t know if my guacamole.properties is right, follow it below, when i connect any user from AD that isn´t created beforte on the guacamole, i can connect to guacamole, don´t appear to connect the TOTP authentication, but now show any connect or option to create a connection.
ldap-hostname: 172.16.1.32 (IP from AD) ldap-port: 389 ldap-encryption-method: none ldap-user-base-dn: DC=redisul,DC=com,DC=br ldap-search-bind-dn: CN=Guilherme Carvalho,OU=Engenharia,OU=Usuarios,OU=Sede,DC=redisul,DC=com,DC=br ldap-search-bind-password: mypasswordhere ldap-username-attribute: sAMAccountName Thanks. Guilherme Carvalho Em seg., 16 de mar. de 2020 às 15:59, Mike Jumper <[email protected]> escreveu: > On Mon, Mar 16, 2020 at 11:48 AM Guilherme Carvalho <[email protected]> > wrote: > >> Hello guys, i have a doubt, i´m using the version 1.1.0, i have TOTP and >> Ldap authentication, but i would like to connect to my RDP windows server >> 2012 using the same credentials that i inform to logged into the Guacamole >> or can connect to the server withou password and inform the password during >> or after the connection, not inform the user/password under Server >> Connections, because to add a user i will need to know the AD Password that >> is not good idea. >> > > You can do this using the ${GUAC_USERNAME} and ${GUAC_PASSWORD} parameter > tokens: > > > http://guacamole.apache.org/doc/gug/configuring-guacamole.html#parameter-tokens > > Another Doubt, why the users can connect using it´s credentials from AD >> but the users don´t appears on the Guacamole?? i can´t set a permission to >> it, so i need to create user to everybody. >> > > For users to appear within the administrative interface of Guacamole, the > LDAP account that corresponds to the user you use to manage Guacamole must > have permission to query LDAP users. It may simply be that the user you're > using to administer Guacamole does not exist within LDAP, and thus can't be > used to query LDAP. > > See: http://guacamole.apache.org/doc/gug/ldap-auth.html#ldap-and-database > > - Mike > >
