Hi, I’m currently running Apache Guac via Synology Docker with 2FA and it’s working great. However, I need assistance on how to set it up via LDAP. Any help will be MUCH appreciated, thanks!
Hey,
I will try to help you set this up. Did you already add the LDAP extension?
Thanks, much appreciative. No, I’m not sure how to add the ldap extension.
Great. A while ago I used Synology as my NAS, but I do not have that anymore and I cannot test this config, but try this.
1. Stop the Apache Guacamole container.
2. Edit the container and select environment.
3. Select Add and enter EXTENSIONS in the variable and auth-ldap in the value then select apply.
4. Add the other variables in the documentation below that apply to your AD/LDAP environment, for example:
   LDAP_HOSTNAME: localhost
   LDAP_PORT: 3890
   LDAP_ENCRYPTION_METHOD: none
   LDAP_USER_BASE_DN: ou=people,dc=example,dc=com
   LDAP_USERNAME_ATTRIBUTE: uid
   LDAP_SEARCH_BIND_DN: uid=admin,ou=people,dc=example,dc=com
   LDAP_SEARCH_BIND_PASSWORD: replacewithyoursecret
   LDAP_USER_SEARCH_FILTER: (memberof=cn=lldap_guacamole,ou=groups,dc=example,dc=com)
   https://guacamole.apache.org/doc/0.9.12-incubating/gug/guacamole-docker.html
5. Once complete, start the container.
6. Now you can go back and watch my Guacamole LDAP video on how to add and use LDAP users.
Please let me know if this helps. I would provide more support if I had access to Synology, but at this time I don’t.
@omorriso, it has been a week since your last response. Did you resolve your issue? Please provide feedback; if not, I will have to close the topic.
Thank you for being a geek2gether|hub member.
Hi, I followed the provided instructions, see screenshot. However, it did not work; not sure if I made a mistake or that wasn’t the fix.
That’s weird, that should work. At least I tested it with Docker today with just using the step 4 variables without step 3 and it worked.
Did you get any specific errors or logs you can share, if you don’t mind?
Try removing the variables in step 3: “Select Add and enter EXTENSIONS in the variable and auth-ldap in the value then select apply.” and leave everything else in step 4 and try again.
Also, is your unsecure LDAP port 389 or 3890?
Try again only with step 4 variables. Unfortunately, if it does not work I won’t be able to help further because I don’t have access to a Synology NAS to test, but using step 4 only variables should work because my best guess is Synology Docker should be the same config as Docker.
If you are able to do another test please provide feedback.
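An added example, not part of the thread or of the Guacamole project: a small Python check that lints the step 4 variables before the container is restarted, flagging a loopback hostname, an unencrypted bind, a non-standard port, a leftover placeholder password and a malformed filter. The function name, the findings and their wording are this example's own, and treating LDAP_HOSTNAME and LDAP_USER_BASE_DN as the required minimum is an assumption.

```python
# Constructed sample: the step 4 variables exactly as posted in the thread.
THREAD_ENV = {
    "LDAP_HOSTNAME": "localhost",
    "LDAP_PORT": "3890",
    "LDAP_ENCRYPTION_METHOD": "none",
    "LDAP_USER_BASE_DN": "ou=people,dc=example,dc=com",
    "LDAP_USERNAME_ATTRIBUTE": "uid",
    "LDAP_SEARCH_BIND_DN": "uid=admin,ou=people,dc=example,dc=com",
    "LDAP_SEARCH_BIND_PASSWORD": "replacewithyoursecret",
    "LDAP_USER_SEARCH_FILTER": "(memberof=cn=lldap_guacamole,ou=groups,dc=example,dc=com)",
}
# Standard LDAP ports for each encryption method value.
STANDARD_PORT = {"none": 389, "starttls": 389, "ssl": 636}
LOOPBACK = {"localhost", "127.0.0.1", "::1"}

def check_ldap_env(env):
    """Return (level, message) findings for a Guacamole LDAP variable set."""
    out = []
    # Assumption: hostname and user base DN are the minimum needed for LDAP auth.
    for key in ("LDAP_HOSTNAME", "LDAP_USER_BASE_DN"):
        if not env.get(key):
            out.append(("error", f"{key} is not set"))
    if env.get("LDAP_HOSTNAME", "").lower() in LOOPBACK:
        out.append(("warn", "loopback LDAP_HOSTNAME points at the Guacamole "
                    "container itself unless it uses host networking"))
    method = env.get("LDAP_ENCRYPTION_METHOD", "none").lower()
    if method not in STANDARD_PORT:
        out.append(("error", f"unknown LDAP_ENCRYPTION_METHOD {method!r}"))
    elif method == "none":
        out.append(("warn", "no encryption: the search bind password and every "
                    "user password reach the LDAP server unencrypted"))
    port = env.get("LDAP_PORT", "")
    if port and not (port.isdigit() and 0 < int(port) < 65536):
        out.append(("error", f"LDAP_PORT {port!r} is not a valid port"))
    elif port and method in STANDARD_PORT and int(port) != STANDARD_PORT[method]:
        out.append(("info", f"port {port} is not the standard "
                    f"{STANDARD_PORT[method]} for {method}; confirm the listener"))
    dn, pw = env.get("LDAP_SEARCH_BIND_DN"), env.get("LDAP_SEARCH_BIND_PASSWORD")
    if bool(dn) != bool(pw):
        out.append(("error", "search bind DN and password must be set together"))
    if pw == "replacewithyoursecret":
        out.append(("error", "search bind password is still the placeholder"))
    flt = env.get("LDAP_USER_SEARCH_FILTER", "")
    if flt and (flt[0] != "(" or flt[-1] != ")" or flt.count("(") != flt.count(")")):
        out.append(("error", "LDAP_USER_SEARCH_FILTER has unbalanced parentheses"))
    return out

if __name__ == "__main__":
    for level, message in check_ldap_env(THREAD_ENV):
        print(f"{level:5} {message}")
```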