Thank you, but in this case the user only exists in the second AD. - Pål
-----Original Message----- From: Molina de la Iglesia, Manuel <manuel.molina-de-la-igle...@veolia.com.INVALID> Sent: Monday, December 11, 2023 12:33 PM To: user@guacamole.apache.org Subject: Re: LDAP problem Hello, Note that you have to provide user@domain format instead of sAMAccountName to avoid collisions with identical usernames on both domains. Manel Molina manuel.molina-de-la-igle...@veolia.com <mailto:manuel.molina-de-la-igle...@veolia.com> Dirección de Ciberseguridad Ciutat de L’Aigua (D38) Paseo de la Zona Franca, 48 08038 Barcelona / España www.veolia.com <https://lh6.googleusercontent.com/NQV9u40gljVwEqEKuehJa7RKmmfRae8z2UYjOxr5GVL5ok2fdqBmZzcVbk0umI01LS-Mgfv2KWX2S5LJBd23DohY8J-I8ztlXhure-9MAOCXJC8pWplfaaMxikBt7GS2csFWIjlEXNc> El lun, 11 dic 2023 a las 12:30, Pål Hjelmeseth Myklebust (<p.h.mykleb...@usit.uio.no <mailto:p.h.mykleb...@usit.uio.no> >) escribió: Hello, We have configured Guacamole against two AD's. Authentication against the first AD works great, but the second gives this error: INFO o.a.g.a.l.AuthenticationProviderService - Unable to determine DN of user "<username>" using LDAP server "ad.kiosk.educloud.no <http://ad.kiosk.educloud.no> ". Proceeding with next server... Ldapsearch from the guacamole server returns the user with the correct DN, and the user-base-dn, search-bind-dn and search-bind-password in the ldap-servers.yml is correct. Any idea what could be wrong? - Paul --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org <mailto:user-unsubscr...@guacamole.apache.org> For additional commands, e-mail: user-h...@guacamole.apache.org <mailto:user-h...@guacamole.apache.org> --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@guacamole.apache.org For additional commands, e-mail: user-h...@guacamole.apache.org