guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy Pattrick <>
Subject RE: LDAP_USER_BASE_DN pointing to an AD Security Group
Date Wed, 07 Jun 2017 08:43:10 GMT

Good idea, but unfortunately that's not it. I discovered that if I'm specifying an OU with
spaces, escaping is not necessary i.e.

this works...

LDAP_USER_BASE_DN="OU=External Demo Users,OU=Users,OU=MyBusiness,DC=MyCompany,DC=com"

...but if a CN (security group) is specified it doesn't work, with or without escaped spaces.

Cheers Andy.

From: Der PCFreak []
Sent: 07 June 2017 06:23
Subject: Re: LDAP_USER_BASE_DN pointing to an AD Security Group

Hi Andy,

maybe you just have to escape the spaces? Like shown here:


LDAP_USER_BASE_DN="CN=GUACAMOLE\ Group,OU=Security\ Groups,OU=MyBusiness,DC=mycompany,DC=com"



On 06.06.2017 15:58, Andy Pattrick wrote:


I have LDAP authentication working using a BASE_DN pointing to an OU in my Active Directory.
However I would like to point the BASE_DN at a security group so that I can simply add users
to the group if I want to allow them to access Guacamole without moving them to a different

When I try this I find it doesn't work. I suspect this is because CN's are not supported in
LDAP_USER_BASE_DN. Can anyone confirm if they have managed to do this?

In summary:

This works -


This does not work -

LDAP_USER_BASE_DN="CN=GUACAMOLE Group,OU=Security Groups,OU=MyBusiness,DC=mycompany,DC=com"

Many thanks, Andy.

Click here<!fyLIztD8HPBcfXS4znW5Q==>
to report this email as spam.

View raw message