Hi, In modern versions of AD, to search from the root DN, you need to use port 3268 so you can use the global catalogue
Try that instead of port 389 Rgds paul From: Anburaj Palraj <anburajr...@gmail.com> Reply-To: "user@guacamole.incubator.apache.org" <user@guacamole.incubator.apache.org> Date: Monday, 23 January 2017 at 11:41 To: "user@guacamole.incubator.apache.org" <user@guacamole.incubator.apache.org> Subject: is it possible to use ldap-user-base-dn as like "ldap-user-base-dn: dc=example,dc=net" in Guacamole ? Hi Friends, Currently i am using 0.9.10-incubating (Associating LDAP with a database) and my guacamole property file is like below . == guacd-hostname: localhost guacd-port: 4822 ####LDAP properties optional for people with MS Active Directory / lDAP environment ldap-hostname: 192.168.207.48 ldap-port: 389 ldap-user-base-dn: dc=example,dc=net ldap-search-bind-dn: CN=guacamole,ou=Technology,ou=BLR-KSPs,ou=BLR-KSP-Platina,ou=Platina - BLR,dc=example,dc=net ldap-search-bind-password: Welcome@123 ldap-username-attribute: sAMAccountName # MySQL properties mysql-hostname: localhost mysql-port: 3306 mysql-database: guacadb mysql-username: guacauser mysql-password: guacauser@247 # Additional settings mysql-default-max-connections-per-user: 0 mysql-default-max-group-connections-per-user: 0 mysql-disallow-duplicate-connections: false === Whereas if i use ldap-user-base-dn as like below , it is working fine . but the problem here is users who all are under the main root directory (not under any OU) they are not able to login ldap-user-base-dn: ou=Platina -BLR,DC=example,DC=net doc says "If a search DN is provided (via ldap-search-bind-dn), then Guacamole users need only be somewhere within the subtree of the specified user base DN." so if i use "ldap-user-base-dn: dc=example,dc=net" also sould work right ? Please help me to solve this issue ?
