Thank you very much Paul , it is working fine now .
On Mon, Jan 23, 2017 at 5:21 PM, Paul Cantle <[email protected]> wrote: > Hi, > > > > In modern versions of AD, to search from the root DN, you need to use port > 3268 so you can use the global catalogue > > > Try that instead of port 389 > > > > Rgds > > > paul > > > > > > > > *From: *Anburaj Palraj <[email protected]> > *Reply-To: *"[email protected]" < > [email protected]> > *Date: *Monday, 23 January 2017 at 11:41 > *To: *"[email protected]" <[email protected]. > apache.org> > *Subject: *is it possible to use ldap-user-base-dn as like > "ldap-user-base-dn: dc=example,dc=net" in Guacamole ? > > > Hi Friends, > > Currently i am using 0.9.10-incubating (Associating LDAP with a database) > and my guacamole property file is like below . > > == > > > guacd-hostname: localhost > guacd-port: 4822 > > ####LDAP properties optional for people with MS Active Directory / lDAP > environment > > ldap-hostname: 192.168.207.48 > ldap-port: 389 > ldap-user-base-dn: dc=example,dc=net > ldap-search-bind-dn: CN=guacamole,ou=Technology,ou= > BLR-KSPs,ou=BLR-KSP-Platina,ou=Platina - BLR,dc=example,dc=net > ldap-search-bind-password: Welcome@123 > ldap-username-attribute: sAMAccountName > > # MySQL properties > mysql-hostname: localhost > mysql-port: 3306 > mysql-database: guacadb > mysql-username: guacauser > mysql-password: guacauser@247 > > # Additional settings > mysql-default-max-connections-per-user: 0 > mysql-default-max-group-connections-per-user: 0 > mysql-disallow-duplicate-connections: false > > === > > Whereas if i use ldap-user-base-dn as like below , it is working fine . > but the problem here is users who all are under the main root directory > (not under any OU) they are not able to login > > > *ldap-user-base-dn: ou=Platina -BLR,DC=example,DC=net* > > > doc says "If a search DN is provided (via ldap-search-bind-dn), then > Guacamole users need only be somewhere within the subtree of the specified > user base DN." > > so if i use "ldap-user-base-dn: dc=example,dc=net" also sould work right > ? > > Please help me to solve this issue ? >
