I'm having a really strange LDAP issue on 1 of our Guacamole servers using LDAP. As far as I can tell, the LDAP is configured the same way (see below), and both machines can ping the LDAP Server by name, so its not a DNS issue. When we try to log in, we get:
Aug 12 16:28:27 tbfm-access server: 16:28:27.645 [http-bio-8080-exec-5] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from [10.143.37.157, 127.0.0.1] for user "harry.devine" failed. The same account on the other guacamole server works: Aug 12 16:29:19 tfdm-access server: 16:29:19.122 [http-bio-8080-exec-1118] INFO o.a.g.r.auth.AuthenticationService - User "harry.devine" successfully authenticated from [10.143.37.157, 127.0.0.1]. Here's the LDAP config for the server that works (v 1.1.0): Guac1 (Does work): v 1.1.0 # LDAP Configuration ldap-hostname:ldap.example.com ldap-port:389 ldap-encryption-method:none ldap-dereference-aliases:never ldap-search-bind-dn:cn="Directory Manager" ldap-search-bind-password:passwd ldap-user-base-dn:cn=users,cn=accounts,dc=example,dc=com ldap-username-attribute:uid ldap-group-base-dn:cn=groups,cn=accounts,dc=example,dc=com And for the one that doesn't work (v 1.0.0): Guac2 (Does NOT work): v 1.0.0 #LDAP properties ldap-hostname:ldap.example.com ldap-port:389 ldap-encryption-method:none ldap-dereference-aliases:never ldap-search-bind-dn:cn="Directory Manager" ldap-search-bind-password:passwd ldap-user-base-dn:cn=users,cn=accounts,dc=example,dc=com ldap-username-attribute:uid ldap-group-base-dn:cn=groups,cn=accounts,dc=example,dc=com Any ideas? Should I upgrade the 1.0.0 version to 1.2.0? If so, how, as I haven't been able to find clear instructions on what needs to be done to do this? Thanks, Harry Harry Devine DOT/FAA/AJM-2431 Secure-OSE Administrator Red Hat Certified System Administrator (RHCSA) [email protected] (609)485-4218 Building 300, 3rd floor, Column L20 (3L20)
