On 8/8/2023 12:41 AM, Molina de la Iglesia, Manuel wrote:
Hello,
Following with the challenge of authenticate users from two different
domains, I'm applying the following settings because could be users
and/or groups with exactly the same sAMAccountName on both domains:
username-attribute: userPrincipalName (will be something like
[email protected])
match-username: (.*@domain\.local)
This regex make sense to me because I want to capture user@domain to
match with userPrincipalName but the authentication fails with the
following errors:
Note that "ldap-user-base-dn" is properly defined because before use
this regex works properly.
This suggests that something else has changed to cause
"ldap-user-base-dn" to no longer be defined, but there really is no
other possible cause of that error.
...
Aug 8 07:34:58 guacamole tomcat9[8489]: 07:34:58.924
[https-openssl-nio-443-exec-3] ERROR o.a.g.rest.RESTExceptionMapper -
Request could not be processed: Property ldap-user-base-dn is required.
This error really does indicate exactly what it says: you have (somehow)
not specified the "ldap-user-base-dn" property that is required for LDAP
to be used. You must either specify this property or include the
"user-base-dn" property for each of the servers defined in your
"ldap-servers.yml".
If you have specified "ldap-user-base-dn" in your guacamole.properties
but are still seeing this error, that suggests that the
guacamole.properties file in question is either not the file that
Guacamole is reading (this will be logged at startup) or possibly cannot
be read due to permissions (this should also be logged). It may also be
the case that there is a typo in your property name, or that it was
inadvertently commented out.
- Mike
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
