guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marco Casavecchia Morganti <>
Subject Re: LDAP_USER_BASE_DN pointing to an AD Security Group
Date Wed, 07 Jun 2017 09:37:28 GMT
I developed a small patch for the guacamole-auth-ldap extension that allows you to specify
in the a new property: ldap-users-filter.

Basically if you apply the patch, you can add an LDAP condition that must be satisfied by
the users to become guacamole users. So if you set it as something like this:
ldap-users-filter: memberOf=CN=Guacamole,OU=Service Gropus,OU=Domain,DC=my,DC=lan
only the users that belongs to the specified group will be listed in the guacamole interface
and will be allowed to access Guacamole.

At that time I tried to submit the patch to the developers but I wasn’t able to set up the
whole environment needed to do that, so I gave up, hoping that my patch would be added by
someone else sooner or later.

The patch is very simple and you can find it attached to this mail.
I applied it successfully to the latest incubating releases (0.9.11 and 0.9.12), I hope it
will be helpful.

Best Regards


View raw message