On Tue, Jul 7, 2020 at 10:14 AM Enrico FANTI <[email protected]> wrote:
> Hi. > > > > It’s possible to have an “ldap authentication” on “2” windows domanis > (domain1.local, domain2.local). > > > > We have 2 domains in active directory, and it’s working with a single > domain configuration. > As currently implemented, you would have to do two things to make this work in Guacamole: 1) Be able to access both domains from a single LDAP server. You can do this using referrals on the LDAP server(s), or by setting up an LDAP server to proxy multiple domains (OpenLDAP has some very powerful features for this). 2) Usernames would have to be unique between the two domains - any overlapping accounts would cause problems. There are a couple of JIRA issues that will help address this - one is the ability to use multiple LDAP servers in the configuration ( https://issues.apache.org/jira/browse/GUACAMOLE-957), and the other is supporting various LDAP bind and username formats that might allow for UPN-formatted logins (https://issues.apache.org/jira/browse/GUACAMOLE-536). -Nick >
