On Thu, Apr 7, 2022 at 5:46 PM Estevão Costa <[email protected]> wrote:
> Hi > > We have a Guacamole instance deployed by docker and we are run into that > problem: > - We set up the Active Directory using env vars, including > LDAP_SEARCH_BIND_DN and LDAP_SEARCH_BIND_PASSWORD and we are able to login > into Guacamole with AD users. However, we can't see the AD users and groups > in the Guacamole Admin Dashboard. > > So we can't assign connections to users because the users don't appear in > the list. > > In the log, we don't see anything. No messages about it. > > Please, how can I solve it? > > You need to log in as an LDAP (Active Directory) user to see the users in LDAP/AD. This is because, except for the initial search for the user who is logging in, access to LDAP/AD is done by the user who is logging in. Practically speaking this means, that if you're using the JDBC module to store connections, you'll need to either manually create a JDBC account for one of your LDAP/AD users that you want to be an admin, or you'll need to enable the DB auto-creation setting so that LDAP/AD users are automatically added to the database upon successful login. -Nick >
