Using Nethserver's LDAP to authenticate users in Guacamole

v7
openldap

(Fabian Rodriguez) #1

NethServer Version: 7.4.1708 (Final)
Module: Domain accounts

I am testing Nethserver with Guacamole 0.9.9 on Debian 9 (installed following this guide) and I’d like to authenticate Guacamole’s users against Nethserver LDAP directory.

Here is the relevant portion of /etc/guacamole/guacamole.properties:

#LDAP properties
 
ldap-hostname: 192.168.X.X
ldap-user-base-dn: ou=People,dc=directory,dc=nh

I’ve confirmed the Nethserver LDAP service is available from elsewhere in my network with Apache Directory Studio, but I always get an “Invalid Login” error from the Guacamole web UI. I can’t seem to find any useful information or relevant errors in any Nethserver logs.

How can I enable more detailed debug logging in Nethserver? Where should I look for LDAP authentication attempts/error details?

If anyone is using this (or similar) setup or authenticating from other application I’d appreciate any help.


(Rob Bosch) #2

Is your LDAP dn structure like you are trying to connect? IE: is the users dn called: People.directory.nh? What info do you see in NethServer webadmin page under Status/domain accounts?


(Fabian Rodriguez) #3

Sorry I didn’t reply earlier. For now we’re using MariaDB on the same server to authenticate users. We’re rebuilding our Nethserver test environment and I won’t be able to test this again before some time.


(Rob Bosch) #4

You can always dryrun in something like virtualbox…