On Thu, Sep 29, 2022 at 9:27 AM Johnson, Nachay [USA]
<[email protected]> wrote:
>
> Hi Everyone,
>
>
>
> I was able to get SSO working for logging into the guacamole, but how do I
> RDP to a system without entering a username and password. The SSO was setup
> on my F5, so user never enters a username/password. I tried adding the
> variables below in connection properties, but this won’t work since user
> doesn’t enter a password at login. How can I auto populate users AD
> credentials into the VM
>
>
>
> Username: ${GUAC_USERNAME}
> Password: ${GUAC_PASSWORD}
>
Unless you're using CAS with the ClearPass extension enabled, this
will not work - if you're using SAML or OpenID, the SSO providers do
not have access to the AD credentials, and will not be able to
retrieve them. The ${GUAC_USERNAME} token will still come through, but
the password token will not be available.
It's worth mentioning this isn't unique to Guacamole - in my Day Job,
we use Azure WVD with their Remote Desktop provider for VDI, and users
have to first authenticate via ADFS (SAML) SSO, and then are required
to re-enter their Windows password when actually opening the
connection.
-Nick
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
