LDAP and MySQL do SSO to RDP

[Bastiaan van Haastrecht <b....@gmail.com>]

Hello all,

First I want to thank the Guacamole team for an exelent job. The whole
software is just amazing and works very well.

I do however am a little confused about the posibility of SSO to RDP.
According to JIRA there should be an form of SSO posible, as all related
have status DONE. https://glyptodon.org/jira/browse/GUAC-490

But I'm unable to find any info on how to configure this. I would like to
SSO the LDAP credentials to the RDP connections configured/accosiated in
MySQL.

Any guidance is very welcome.

Kind Regards,
Bastiaan

Re: LDAP and MySQL do SSO to RDP

[Bastiaan van Haastrecht <b....@gmail.com>]

Thanks all for your replies, indeed these variables did the job. I can now
SSO with LDAP credentials to the RDP. Connection info stored in MySQL.

I have also send a second question regarding the MySQL/LDAP about
grouping/autoprovisioning. Hope someone has a solution for this or perhaps
it can become an feature request.

Thanks, regards,
Bastiaan

2016-08-03 4:54 GMT+02:00 Peter Burdine <pb...@gmail.com>:

> That is exactly correct.
>
> If you want NLA working, you will also need to set the domain as well.
>
> If you use the DB for connection information, but don't want to use it for
> authentication, create the users in the database (with the same user name
> as in LDAP), but disable the account.  The account will then only be
> authenticated via LDAP, but it will get the connection info from the
> database.
>
> --Peter
>
>
> On Tue, Aug 2, 2016 at 9:47 AM, Nick Couchman <ni...@seakr.com>
> wrote:
>
>> Bastiaan,
>> I think all you have to do is, when creating the connection, use the
>> following items for configuration:
>> Username: ${GUAC_USERNAME}
>> Password: ${GUAC_PASSWORD}
>>
>> Then, assuming you've either configured the LDAP extension with Active
>> Directory as your service, or your username and password in another LDAP
>> directory or the database match your RDP credentials, it will pass through
>> the Guacamole authentication information to the RDP session, which should
>> result in the "SSO" configuration you're looking for.  I haven't tried it,
>> yet - it's on my list of things to do.
>>
>> -Nick
>>
>> On Aug 2, 2016, at 01:33, Bastiaan van Haastrecht <
>> b.vanhaastrecht@gmail.com> wrote:
>>
>> Hello all,
>>
>> First I want to thank the Guacamole team for an exelent job. The whole
>> software is just amazing and works very well.
>>
>> I do however am a little confused about the posibility of SSO to RDP.
>> According to JIRA there should be an form of SSO posible, as all related
>> have status DONE. https://glyptodon.org/jira/browse/GUAC-490
>>
>> But I'm unable to find any info on how to configure this. I would like to
>> SSO the LDAP credentials to the RDP connections configured/accosiated in
>> MySQL.
>>
>> Any guidance is very welcome.
>>
>> Kind Regards,
>> Bastiaan
>>
>>
>> ------------------------------
>>
>> This e-mail may contain SEAKR Engineering (SEAKR) Confidential and
>> Proprietary Information. If this message is not intended for you, you are
>> strictly prohibited from using this message, its contents or attachments in
>> any way. If you have received this message in error, please delete the
>> message from your mailbox. This e-mail may contain export-controlled
>> material and should be handled accordingly.  ­­
>>
>
>

Re: LDAP and MySQL do SSO to RDP

[Peter Burdine <pb...@gmail.com>]

That is exactly correct.

If you want NLA working, you will also need to set the domain as well.

If you use the DB for connection information, but don't want to use it for
authentication, create the users in the database (with the same user name
as in LDAP), but disable the account.  The account will then only be
authenticated via LDAP, but it will get the connection info from the
database.

--Peter


On Tue, Aug 2, 2016 at 9:47 AM, Nick Couchman <ni...@seakr.com>
wrote:

> Bastiaan,
> I think all you have to do is, when creating the connection, use the
> following items for configuration:
> Username: ${GUAC_USERNAME}
> Password: ${GUAC_PASSWORD}
>
> Then, assuming you've either configured the LDAP extension with Active
> Directory as your service, or your username and password in another LDAP
> directory or the database match your RDP credentials, it will pass through
> the Guacamole authentication information to the RDP session, which should
> result in the "SSO" configuration you're looking for.  I haven't tried it,
> yet - it's on my list of things to do.
>
> -Nick
>
> On Aug 2, 2016, at 01:33, Bastiaan van Haastrecht <
> b.vanhaastrecht@gmail.com> wrote:
>
> Hello all,
>
> First I want to thank the Guacamole team for an exelent job. The whole
> software is just amazing and works very well.
>
> I do however am a little confused about the posibility of SSO to RDP.
> According to JIRA there should be an form of SSO posible, as all related
> have status DONE. https://glyptodon.org/jira/browse/GUAC-490
>
> But I'm unable to find any info on how to configure this. I would like to
> SSO the LDAP credentials to the RDP connections configured/accosiated in
> MySQL.
>
> Any guidance is very welcome.
>
> Kind Regards,
> Bastiaan
>
>
> ------------------------------
>
> This e-mail may contain SEAKR Engineering (SEAKR) Confidential and
> Proprietary Information. If this message is not intended for you, you are
> strictly prohibited from using this message, its contents or attachments in
> any way. If you have received this message in error, please delete the
> message from your mailbox. This e-mail may contain export-controlled
> material and should be handled accordingly.  ­­
>

Re: LDAP and MySQL do SSO to RDP

[Nick Couchman <ni...@seakr.com>]

Bastiaan,
I think all you have to do is, when creating the connection, use the following items for configuration:
Username: ${GUAC_USERNAME}
Password: ${GUAC_PASSWORD}

Then, assuming you've either configured the LDAP extension with Active Directory as your service, or your username and password in another LDAP directory or the database match your RDP credentials, it will pass through the Guacamole authentication information to the RDP session, which should result in the "SSO" configuration you're looking for.  I haven't tried it, yet - it's on my list of things to do.

-Nick

> On Aug 2, 2016, at 01:33, Bastiaan van Haastrecht <b....@gmail.com> wrote:
> 
> Hello all,
> First I want to thank the Guacamole team for an exelent job. The whole software is just amazing and works very well.
> I do however am a little confused about the posibility of SSO to RDP. According to JIRA there should be an form of SSO posible, as all related have status DONE. https://glyptodon.org/jira/browse/GUAC-490
> But I'm unable to find any info on how to configure this. I would like to SSO the LDAP credentials to the RDP connections configured/accosiated in MySQL.
> Any guidance is very welcome.
> Kind Regards,
> Bastiaan

==
This e-mail may contain SEAKR Engineering (SEAKR) Confidential and Proprietary Information. If this message is not intended for you, you are strictly prohibited from using this message, its contents or attachments in any way. If you have received this message in error, please delete the message from your mailbox. This e-mail may contain export-controlled material and should be handled accordingly.