Hi Michael, I've checked everything I can within the IdP.
- I'm already sending the email address as the Name ID. - I've even tried selecting "Send all known attributes" but I am getting the following error in Tomcat: ``` Unexpected internal error: Duplicate key SAML_GIVEN_NAME ``` It's just not clear what I should do next to troubleshoot further. I feel like I'm missing documentation that tells me what attributes to send and their names. Also, could setting `sqlserver-auto-create-accounts` to TRUE be the reason because the uuid accounts being created? On Thu, Nov 24, 2022 at 12:11 PM Michael Jumper <mjum...@apache.org> wrote: > On Thu, Nov 24, 2022, 9:08 AM Timothy Dilbert < > tdilbert25+guacm...@gmail.com> wrote: > >> We use SAML to authenticate into Guacamole. For the most part, it has >> been working flawlessly, and we have no complaints, except for one thing... >> it is difficult to recognise our users. >> >> When a user signs in for the first time, they get what appears to be a >> random username (e.g. uuidb964e028-b2e0-XXXX-a725-XX834988ceXX). >> > > This is because of how your SAML IdP is configured, not Guacamole. You > need to configure your IdP to send across the username, email, or similar > as the name ID. > > - Mike > >