I was able to get Guacamole LDAP to work with our AD server, but when users log in there are no connections such as RDP.
My Docker compose file section:
guacamole:
  depends_on:
    - db
    - guacd
  container_name: guacamole_guacamole
  image: guacamole/guacamole
  environment:
    - GUACD_HOSTNAME=guacd
    - MYSQL_HOSTNAME=db
    - MYSQL_DATABASE=guacamole
    - MYSQL_USER=guacamole
    - MYSQL_PASSWORD=some_pass
    - LDAP_HOSTNAME=dc.domain.local
    - LDAP_PORT=636
    - LDAP_ENCRYPTION_METHOD=ssl
    - LDAP_SEARCH_BIND_DN=CN=guacamole,OU=Users,DC=domain,DC=local
    - LDAP_SEARCH_BIND_PASSWORD=one_more_pass
    - LDAP_USER_BASE_DN=OU=Employees,DC=domain,DC=local
    - LDAP_USERNAME_ATTRIBUTE=cn
    - LDAP_USER_SEARCH_FILTER=(&(objectclass=user)(memberOf=CN=guacamole_users,OU=Local Groups,DC=domain,DC=local))
    - LDAP_MEMEBER_ATTRIBUTE=memberOf
    - LDAP_GROUP_NAME_ATTRIBUTE=cn
    - LDAP_GROUP_BASE_DN=OU=Local Groups,DC=domain,DC=local
  restart: always
I have logged into guacadmin (MySQL DB) and created a group called "guacamole_users" and assigned all the connections to it. I have also created the same group name in AD and assigned all the users to it.
I created an AD user called "guacadmin" with a different pw. I logged in and can see all my AD users in the Users tab. I added the group "guacamole_users" to my user.
When I logged in as my user, the RDP connection showed up. Obviously, doing that for every user is not feasible.
To my knowledge, the AD login should match with the MySQL DB group and display all the connections?