On Tue, Aug 21, 2018 at 5:17 PM Rajesh Mohan <rajesh.mo...@infosys.com> wrote:
> Hi Team, > > > > I am facing an issue were the guacamole MFA authentication were not > working via the guacamole duo . > > > > My Requirement is to enable 2-way authentication to take the sessions in > the apache guacamole . Using AD Account and post that Duo Verification > must be done . > What version of Guacamole are you using? Are the Guacamole WAR file and extensions all the same version, and obtained from the same location/build? > > > But with the below mentioned guacamole properties entries the login was > successful till AD Authentication but the Duo was not able to pursue . > > > > Can you please help us what needs to be changed/modified for the proper > authentication. > > > > Cat /etc/guacamole/guacamole.properties > > guacd-hostname: localhost > > guacd-port: 4822 > > > > auth-provider: > net.sourceforge.guacamole.net.auth.ldap.LDAPAuthenticationProvider > > lib-directory: /etc/guacamole/extensions/ > Both of these options have been removed and have absolutely no effect on functionality. > > > # LDAP properties > > ldap-hostname: LDAP-HOSTNAME > > ldap-port: 389 > > ldap-encryption-method: none > > ldap-user-base-dn: dc=*******,dc=com > > ldap-search-bind-dn: > CN=*******,OU=SPL,OU=Users,OU=DCM,DC=********,DC=com > > ldap-search-bind-password: ******** > > ldap-username-attribute: uid > > > > # Guacamole-duo Configuration Properties > > > > duo-api-hostname: *********************** > > duo-integration-key: *********************** > > duo-secret-key: *********************** > > duo-application-key: *********************** > > pushinfo: yes > > autopush: yes > I have no idea what the "pushinfo" and "autopush" options are - unless you've modified the Duo code yourself to pay attention to these options, there's no record of them in the Guacamole documentation, so they will have no effect. Can you also check the Chrome/Firefox/IE developer console while this is happening and see if there are any errors in it? -Nick >
