You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@guacamole.apache.org by "Nick Couchman (Jira)" <ji...@apache.org> on 2020/07/01 21:21:00 UTC

[jira] [Commented] (GUACAMOLE-1119) Unable to query list of objects from LDAP directory

    [ https://issues.apache.org/jira/browse/GUACAMOLE-1119?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17149701#comment-17149701 ] 

Nick Couchman commented on GUACAMOLE-1119:
------------------------------------------

[~ewithers]: There were not very many LDAP changes between 1.1.0 and 1.2.0.  The only two changes involve allowing group membership to happen with posixGroups, and fixing an issue with schema updates.

I suggest that you:
1) Gather more detailed logs from Tomcat on the cause of the failure.
2) Start the conversation on the user@guacamole.apache.org mailing list: http://guacamole.apache.org/support/

> Unable to query list of objects from LDAP directory
> ---------------------------------------------------
>
>                 Key: GUACAMOLE-1119
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1119
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacamole, guacamole-auth-ldap
>    Affects Versions: 1.2.0
>         Environment: guacamole 1.2.0, guacd 1.2.0 running in a docker container on Ubuntu Linux talking to Azure ADDS for secure LDAP
>            Reporter: Ed Withers
>            Priority: Minor
>
> We run guacamole in a docker container on an Ubuntu Linux machine.  We use Postgres for the database and secure LDAP for authentication connecting to Azure Active Directory Domain Services.  We have been running this configuration with version 1.1.0 of guacamole and guac_d since at least last August.  The update to 1.2.0 broke that integration. 
> Symptom: User attempts to log in, after entering username and password, there is a long delay and then the error "Unable to query list of objects from LDAP directory" appears at the top of the screen and the user remains at the login page.  
> docker logs show that the user successfully authenticated.  
> tcpdump shows traffic flowing between the guacamole container and the LDAP server.
> Reverting back to version 1.1.0 "solved" the problem.
> We suspect that the new LDAP configuration options changed a default behavior to something that is incompatible with the Azure ADDS schema.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)