On Tue, Mar 24, 2020 at 9:25 PM Itzik Bekel <[email protected]> wrote:
> Hi > > I just managed to implement SSO with guacamole and Azure AD > > however, I do not understand how I can manage the permissions, > > now, when I logged in using the SSO with my Azure AD user, I can see a > blank > page in guacamole (meaning, there is no connections) , seems that I logged > in as anonymous user. > > You're not logged in as an anonymous user, but the user you've logged in as doesn't have any permissions to any connections. > how I can manage this permission and set my user as Admin in guacamole ? > > Are you using the JDBC module for connection storage? If so, then you need to create a user in the JDBC module that matches the name of the user from your OpenID authentication and assign that user permissions. At this point the OpenID module does not support enumerating groups, so you'll have to make sure the users are created in the JDBC module, and are either assigned permissions directly or linked to a JDBC group that has permissions assigned. This is covered best in the manual in the section about running JDBC and LDAP; http://guacamole.apache.org/doc/gug/ldap-auth.html#ldap-and-database -Nick
