Tested by updating exisiting 1.3 install and can confirm that both user1 & user1@domain.tdl work as described against SAMBA/AD.
EDIT/Update - Odd behavior but I thought I’d post it here. Initially to set up the guacamole LDAP I created a local user1 with group 1 in SAMBA-AD & Guacamole. I also created another user1 within Guacamole with a different password than SAMBA-AD that helped me verify the LDAP vs local login was actually working. After the update, I tested user1@domain.tdl and was able to login as expected. What I found odd is that Guacamole treated the SAMBA-AD logins of user1 & user1@domain.tdl as separate and different accounts with different permissions applied.
It would be nice to have a solution for this Mac issue but unfortunately I have no Mac to play around with. @Andy_Wismer wanted to do some testing (with Mac) too.
I guess we can push it live this week.
The bind entry in /etc/guacamole/guacamole.properties is generated the wrong way. It reads ldap-search-bind-dn: cn=CN=Administrator,OU=Users,OU=MyBusiness,DC=MYDOMAIN,DC=LOKAL,cn=Users,DC=myadmin,DC=LOKAL instead of CN=Administrator,OU=Users,OU=MyBusiness,DC=MYDOMAIN,DC=LOKAL
I see no users in Guacamole
I cannot login with AD users.
WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from [192.168.42.52, 127.0.0.1] for user “xy” failed.
I removed and readded the domain membership and then it asked for a principal name as bindDN. I used administrator@myadmin.lokal and it seems to be correct also in Guacamole. However I still don’t see any users in guacamole (however in Cockpit of NS, I see users).
I did update from old 0.9 version. I did run the db upgrade scripts.
No VPN. Yes I tried all connection settings.
Very strange: I get a connection to the login screen but as soon I enter user/password it disconnects. A similar thing is when I provide the username/password in guacamole. It connects but when opening the start menu, it disconnects.
Mar 12 00:35:19 myneths guacd[12117]: Connection closed.
Mar 12 00:35:19 myneths guacd: guacd[12117]: ERROR:#011Connection closed.
Mar 12 00:35:19 myneths guacd: guacd[12117]: INFO:#011User “@c3d367af-b946-459a-8b5a-4d5b5ecfe0ef” disconnected (0 users remain)
Mar 12 00:35:19 myneths guacd: guacd[12117]: INFO:#011Last user of connection “$8ad00a2c-4144-4742-b04d-a52183f68ef9” disconnected
Mar 12 00:35:19 myneths guacd[12117]: User “@c3d367af-b946-459a-8b5a-4d5b5ecfe0ef” disconnected (0 users remain)
Mar 12 00:35:19 myneths guacd[12117]: Last user of connection “$8ad00a2c-4144-4742-b04d-a52183f68ef9” disconnected
Mar 12 00:35:19 myneths guacd: guacd[12117]: INFO:#011Internal RDP client disconnected
Mar 12 00:35:19 myneths guacd[12117]: Internal RDP client disconnected
Mar 12 00:35:19 myneths guacd[6107]: Connection “$8ad00a2c-4144-4742-b04d-a52183f68ef9” removed.
Mar 12 00:35:19 myneths guacd: guacd[6107]: INFO:#011Connection “$8ad00a2c-4144-4742-b04d-a52183f68ef9” removed.
Mar 12 00:35:19 myneths daemon.sh: 00:35:19.346 [http-nio-8080-exec-9] INFO o.a.g.tunnel.TunnelRequestService - User “guacadmin” disconnected from connection “3”. Duration: 13646 millisecond
I have similar problems but with VNC on an updated machine. I have no solution so far, it works on a test VM with a fresh nethserver-guacamole install.
I’ll check on a Win 7 VM and report…
EDIT:
Tested with Win 2019 Server as DC and Neth as domain member and guacamole login worked with port 389 and encryption “none” but for guacamole the users “Name” has to match, not the account / user logon name.
Usually the logon name has to match as it is in Neth. I tried with all attributes but no change. Need to test more…
In the following example markus works but admin does not work (nethadmin would work in guacamole but not in neth).