You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@guacamole.apache.org by bl...@gmail.com on 2021/09/09 07:26:36 UTC

Setting up AD and LDAP

I've recently setup guacamole and I was able to get it running in docker
using the oznu image.  Worked perfectly fine.  I then was able to integrate
Dou, sweet deals.  Now I'm trying to work on adding connections.  However I
am getting NO LUCK adding.  I downloaded a pdf that came with a
guacSchema.ldif file and I ran that.   Took a little bit of finesse after
copy and paste added some things to it.  However after I run it I get 

 

c:\Users\Administrator\Documents\ldif>ldifde -i -f guacSchema.ldif -b
administrator domain pass -k -j . -c
"CN=Schema,CN=Configuration,DC=office,DC=ssllc,DC=com" #schemaNamingContext

Connecting to "IronMan.office.ssllc.com"

Logging in as "administrator" in domain "office" using SSPI

Importing directory from file "guacSchema.ldif"

Loading entries.......

6 entries modified successfully.

 

The command has completed successfully

 

However, I don't see anything created but perhaps I'm looking in the wrong
spot.  Anyway,  I tried to go and add a connection anyway.  Here is my
rdp.ldif file I tried to run

 

dn: CN=IronmanAdmin,DC=office,DC=ssllc,DC=com

objectClass: guacConfigGroup

objectClass: groupOfNames

cn: IronmanAdmin

guacConfigProtocol: rdp

guacConfigParameter: hostname=IP

guacConfigParameter: port=3389

guacConfigParameter: username=Administrator

guacConfigParameter: password=pass

guacConfigParameter: domain=Office

member: cn=Dex,dc=office,dc=ssllc,dc=com

 

This does not work and I get the following error: 

 

c:\Users\Administrator\Documents\ldif>ldifde -i -f .\ironman-rdp.ldif -j .

Connecting to "IronMan.office.simplysyncedllc.com"

Logging in as current user using SSPI

Importing directory from file ".\ironman-rdp.ldif"

Loading entries.

Add error on entry starting on line 1: Naming Violation

The server side error is: 0x2099 The object cannot be added because the
parent is not on the list of possible superiors.

The extended server error is:

00002099: NameErr: DSID-030510C7, problem 2005 (NAMING_VIOLATION), data 0,
best

match of:

        'DC=office,DC=ssllc,DC=com'

 

0 entries modified successfully.

An error has occurred in the program

 

Any insight would be greatly appreciated.

Re: Setting up AD and LDAP

Posted by Nick Couchman <vn...@apache.org>.

>
>
> c:\Users\Administrator\Documents\ldif>ldifde -i -f .\ironman-rdp.ldif -j .
>
> Connecting to "IronMan.office.simplysyncedllc.com"
>
> Logging in as current user using SSPI
>
> Importing directory from file ".\ironman-rdp.ldif"
>
> Loading entries.
>
> Add error on entry starting on line 1: Naming Violation
>
> The server side error is: 0x2099 The object cannot be added because the
> parent is not on the list of possible superiors.
>
> The extended server error is:
>
> 00002099: NameErr: DSID-030510C7, problem 2005 (NAMING_VIOLATION), data 0,
> best
>
> match of:
>
>         'DC=office,DC=ssllc,DC=com'
>
>
>

The only thing that I can think of is that AD doesn't want you to create
this type of entry at the top-level of the tree? Have you tried creating a
separate OU and then creating this entry within that OU, instead?

-Nick