You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@guacamole.apache.org by "Mike Jumper (Jira)" <ji...@apache.org> on 2020/02/04 01:52:00 UTC

[jira] [Commented] (GUACAMOLE-944) LDAP broken in 1.1.0

    [ https://issues.apache.org/jira/browse/GUACAMOLE-944?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17029429#comment-17029429 ] 

Mike Jumper commented on GUACAMOLE-944:
---------------------------------------

It's unlikely that LDAP is entirely broken in 1.1.0 - the support was thoroughly regression-tested prior to release. If things are not working in your case (but are working with 1.0.0), it does sound like a bug, but it is likely a bug specific to some aspect of your environment.

Can you provide the LDAP configuration values you use for Guacamole?

What specific LDAP server are you using and what does the structure of your LDAP directory look like?

What messages do you see within the Guacamole logs if you enable debug-level logging? Can you provide the entire log, from the point of server startup through the first authentication failure?

> LDAP broken in 1.1.0
> --------------------
>
>                 Key: GUACAMOLE-944
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-944
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacamole-auth-ldap
>    Affects Versions: 1.1.0
>         Environment: Kubernetes 1.16.4
>            Reporter: Ross
>            Priority: Major
>
> On upgrading our Guacamole container from 1.0.0 to 1.1.0, it fails to authenticate. Error message in logs is:
> 03-Feb-2020 13:37:15.136 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 3675 ms13:38:12.579 [http-nio-8080-exec-9] WARN  o.a.g.e.AuthenticationProviderFacade - The "ldap" authentication provider has encountered an internal error which will halt the authentication process. If this is unexpected or you are the developer of this authentication provider, you may wish to enable debug-level logging. If this is expected and you wish to ignore such failures in the future, please set "skip-if-unavailable: ldap" within your guacamole.properties.13:38:12.579 [http-nio-8080-exec-9] WARN  o.a.g.r.auth.AuthenticationService - Authentication attempt from [1.20.211.22, 10.42.4.0] for user "rossg" failed.
> Workaround is to switch back to 1.0.0.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)