Details
-
New Feature
-
Status: Closed
-
Minor
-
Resolution: Done
-
None
-
None
Description
Hello,
we have configured guacamole with postgresql (for configuration) and LDAP (for authentication only) in version 1.0.0. The LDAP server are 3 Windows AD servers.
We have configured guacamole LDAP auth with
ldap-hostname: SERVER1 SERVER2 SERVER3
During authentication, guacamole connects to first server. If the connection fails, it connectes to seconds server and if this connection fails to, it connects to the third server. It works great in guacamole 1.0.0. But the version 1.0.0 has problem with LDAP groups.
So we have updated to 1.1.0. But in this configuration the multiple LDAP hosts are incorrectly parsed and login does not work with "Invalid login" on login page and following error message in the log
13:21:24.339 [http-nio-8080-exec-16] ERROR o.a.g.a.ldap.LDAPConnectionService - Binding with the LDAP server at "SERVER1 SERVER2 SERVER3" as user "bind-dn" failed: ERR_04121_CANNOT_RESOLVE_HOSTNAME Cannot connect to the server, Hostname 'SERVER1 SERVER2 SERVER3' could not be resolved. 13:21:24.340 [http-nio-8080-exec-16] ERROR o.a.g.a.l.AuthenticationProviderService - Unable to bind using search DN "bind-dn" 13:21:24.342 [http-nio-8080-exec-16] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from [10.0.48.1, 127.0.0.1] for user "ad.user@domain" failed.
Could you verify this issue? Is there some other possible format for multiple hostnames in ldap-hostname attribute? I have already tried to use "," (comma) instead of space and to use LDAP URI format, but nothing works.
Thank you for you answer.
Regards,
Robert Wolf.