Hello,
We have setup a test Guacamole server and are having an LDAP auth issue. If we
list the root of our AD in ldap-user-base-dn, guacamole throws an exception:
~~~
org.glyptodon.guacamole.GuacamoleServerException: Error while query user DNs.
at
org.glyptodon.guacamole.auth.ldap.user.UserService.getUserDNs(UserService.java:271)
~[guacamole-auth-ldap-0.9.9.jar:na]
~~~
I enabled debug error level and this is at the bottom of the stack trace:
~~~
Caused by: com.novell.ldap.LDAPReferralException: Referral
at com.novell.ldap.LDAPSearchResults.next(Unknown Source)
~[guacamole-auth-ldap-0.9.9.jar:na]
at
org.glyptodon.guacamole.auth.ldap.user.UserService.getUserDNs(UserService.java:262)
~[guacamole-auth-ldap-0.9.9.jar:na]
~~~
Now, if change ldap-user-base-dn to a different OU, where a specific user
resides - I can then login as that user or any other user under that OU,
however, because of the way our AD is structured I really need to have the top
level of our AD listed as the ldap-user-base-dn. Is there any way I can get
more detail about the error in the stack trace?
This is our guacamole.properties file:
~~~
# LDAP properties
ldap-hostname: dc.domain.com
ldap-port: 389
ldap-search-bind-dn: CN=adserviceaccount,CN=Users,DC=domain,DC=com
ldap-search-bind-password: password
ldap-user-base-dn: DC=domain,DC=com
ldap-username-attribute: sAMAccountName
~~~
