Hey everyone! I've set up a Guacamole Bastion Host with Entra ID using SAML authentication, and while it works perfectly with internal accounts, I'm running into a problem with Guest Accounts. They can log in just fine using the format user_email.com#EXT#@tenandname.onmicrosoft.com, but none of the access policies, like groups or machine access, are getting applied. Is anyone else experiencing this with Guacamole and Guest Accounts through Entra? Thanks!
2 Answers
You might consider transforming the attributes in your SAML setup for those external users. Alternatively, you could try matching against a different property to see if that works better.
Have you checked if the pound/hash signs in those guest email formats are causing issues? We faced a similar problem a while back where some systems had trouble with special characters like apostrophes. It might be worth testing with different characters to see if that helps.

Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures