Re: Open ID with Azure AD (see no connections once logged-in)

[Nick Couchman <vn...@apache.org>]

On Tue, Mar 24, 2020 at 9:25 PM Itzik Bekel <it...@camilyo.com> wrote:

> Hi
>
> I just managed to implement SSO with guacamole and Azure AD
>
> however, I do not understand how I can manage the permissions,
>
> now, when I logged in using the SSO with my Azure AD user, I can see a
> blank
> page in guacamole (meaning, there is no connections) , seems that I logged
> in as anonymous user.
>
>
You're not logged in as an anonymous user, but the user you've logged in as
doesn't have any permissions to any connections.


> how I can manage this permission and set my user as Admin in guacamole  ?
>
>
Are you using the JDBC module for connection storage?  If so, then you need
to create a user in the JDBC module that matches the name of the user from
your OpenID authentication and assign that user permissions.  At this point
the OpenID module does not support enumerating groups, so you'll have to
make sure the users are created in the JDBC module, and are either assigned
permissions directly or linked to a JDBC group that has permissions
assigned.

This is covered best in the manual in the section about running JDBC and
LDAP;

http://guacamole.apache.org/doc/gug/ldap-auth.html#ldap-and-database

-Nick