Hello, Following with the challenge of authenticate users from two different domains, I'm applying the following settings because could be users and/or groups with exactly the same sAMAccountName on both domains:
username-attribute: userPrincipalName (will be something like [email protected]) match-username: (.*@domain\.local) This regex make sense to me because I want to capture user@domain to match with userPrincipalName but the authentication fails with the following errors: Note that "ldap-user-base-dn" is properly defined because before use this regex works properly. Aug 8 07:34:58 guacamole tomcat9[8489]: 07:34:58.924 [https-openssl-nio-443-exec-3] WARN o.a.g.e.AuthenticationProviderFacade - The "ldap" authentication provider has encountered an internal error which will halt the authentication process. If this is unexpected or you are the developer of this authentication provider, you may wish to enable debug-level logging. If this is expected and you wish to ignore such failures in the future, please set "skip-if-unavailable: ldap" within your guacamole.properties. Aug 8 07:34:58 guacamole tomcat9[8489]: 07:34:58.924 [https-openssl-nio-443-exec-3] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from 10.x.x.x for user "[email protected]" failed. Aug 8 07:34:58 guacamole tomcat9[8489]: 07:34:58.924 [https-openssl-nio-443-exec-3] ERROR o.a.g.rest.RESTExceptionMapper - Request could not be processed: Property ldap-user-base-dn is required. Thanks *Manel Molina* *[email protected] <[email protected]>* *Dirección de Ciberseguridad* Ciutat de L’Aigua (D38) Paseo de la Zona Franca, 48 08038 Barcelona / España www.veolia.com <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fprotect2.fireeye.com%2Fv1%2Furl%3Fk%3D31323334-501d5122-31356fd6-454445555731-a8425f343e5c4fad%26q%3D1%26e%3D30530535-2971-48a4-8441-12c02ea4dc09%26u%3Dhttps%253A%252F%252Feur01.safelinks.protection.outlook.com%252F%253Furl%253Dhttp%25253A%25252F%25252Fwww.veolia.com%25252F%2526data%253D05%25257C01%25257Csergi.carmona%252540agbar.es%25257C4c93dad3808642dd7ec308da3ccb99ab%25257Cf4a12867922d4b9dbb859ee7898512a0%25257C0%25257C0%25257C637889142388029142%25257CUnknown%25257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%25253D%25257C3000%25257C%25257C%25257C%2526sdata%253DJJM7r2MgHUaiuJD%25252Bk2xlr3opNEFsJkp%25252Byh2MJq0XRS0%25253D%2526reserved%253D0&data=05%7C01%7Coriol.val%40agbar.es%7C8a3587bd93134628cf9908da4d2baf8e%7Cf4a12867922d4b9dbb859ee7898512a0%7C0%7C0%7C637907147446774859%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5Vjff2WWXgkB77AldZ5g116HPKmbRv1h5PRjQjH9k0o%3D&reserved=0> El vie, 4 ago 2023 a las 13:32, Molina de la Iglesia, Manuel (< [email protected]>) escribió: > Hello, > > I would like to authenticate users of two different active directory > domains, I tried to add both domains just like two LDAP servers, (all > properties of each domain on the same guacamole.properties file, I'm not > using ldap-servers.yml) each one is pointing to a domain controller of a > different domain, but it's not working. Any ideas? > > Thanks > > *Manel Molina* > > *[email protected] > <[email protected]>* > > *Dirección de Ciberseguridad* > > Ciutat de L’Aigua (D38) > > Paseo de la Zona Franca, 48 > 08038 Barcelona / España > > www.veolia.com > <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fprotect2.fireeye.com%2Fv1%2Furl%3Fk%3D31323334-501d5122-31356fd6-454445555731-a8425f343e5c4fad%26q%3D1%26e%3D30530535-2971-48a4-8441-12c02ea4dc09%26u%3Dhttps%253A%252F%252Feur01.safelinks.protection.outlook.com%252F%253Furl%253Dhttp%25253A%25252F%25252Fwww.veolia.com%25252F%2526data%253D05%25257C01%25257Csergi.carmona%252540agbar.es%25257C4c93dad3808642dd7ec308da3ccb99ab%25257Cf4a12867922d4b9dbb859ee7898512a0%25257C0%25257C0%25257C637889142388029142%25257CUnknown%25257CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%25253D%25257C3000%25257C%25257C%25257C%2526sdata%253DJJM7r2MgHUaiuJD%25252Bk2xlr3opNEFsJkp%25252Byh2MJq0XRS0%25253D%2526reserved%253D0&data=05%7C01%7Coriol.val%40agbar.es%7C8a3587bd93134628cf9908da4d2baf8e%7Cf4a12867922d4b9dbb859ee7898512a0%7C0%7C0%7C637907147446774859%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5Vjff2WWXgkB77AldZ5g116HPKmbRv1h5PRjQjH9k0o%3D&reserved=0> > > >
