Hello everyone, I have a few questions about the OpenID integration in Guacamole.
First of all I already successfully completed the following steps: 1. I have successfully setup OpenID Connect to use Azure AD as the OpenID Connect provider. 2. The login works and I end up in the web interface, however there is no access to any settings or connections. Now for the questions: 1. No Connections for users When logging in, the user can not see any connections (which makes sense, as I have to select connections the user can access when creating a database-user by hand). AFAIU other posts on this list, to get access to the connections or groups as a user, this user must exist in the database with the same username, as the one provided by OpenID (http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/OpenID-Connect-JDBC-td5097.html#a5099%C3%A4). If this is correct, I assume every OpenID user *must* have a database user to actually be able to use Guacamole? And if so, is there any way that Guacamole can create this user automatically, or is this something that would need to be implemented in an extension? If this can not be done automatically, how is everyone else using OpenID Connect and Guacamole - how do you add connections/groups/asf.? I already tried to work with the OpenID users inside an extension as well, but realized that an OpenID user does not have a UserContext set (it is simply null) - is it required to have a database user for a UserContext? 2. Skip-if-unavailable not working And another one - I tried to use the skip-if-unavailable setting with the value: skip-if-unavailable: openid, postgresql However, if Azure AD is not reachable (I simply disconnected the network and guacamole runs locally), there is no redirect to the default login page. Am I understanding this setting incorrectly or am I just putting incorrect values there? Thanks for any answers and thanks for developing this great tool! Best regards, Sent with [ProtonMail](https://protonmail.com) Secure Email.
