guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marco Casavecchia Morganti <marco.casavecc...@ospedaliriuniti.marche.it>
Subject Re: LDAP_USER_BASE_DN pointing to an AD Security Group
Date Wed, 07 Jun 2017 10:58:12 GMT
Hi Andy,

I see, I installed it from sources instead.
Maybe I could send you the compiled jar, that should be easier for you.

—
MCM

On 7 Jun 2017, at 12:54, Andy Pattrick <andy.pattrick@horiba.com<mailto:andy.pattrick@horiba.com>>
wrote:

Hi Marco,



Thanks for your reply. That's exactly what I would like to do but unfortunately I am running
guacamole in docker so I'm not sure I can use this patch very easily. Hopefully this will
find it's way into the official docker image.



Cheers Andy



________________________________
From: Marco Casavecchia Morganti [marco.casavecchia@ospedaliriuniti.marche.it<mailto:marco.casavecchia@ospedaliriuniti.marche.it>]
Sent: 07 June 2017 10:37
To: user@guacamole.incubator.apache.org<mailto:user@guacamole.incubator.apache.org>
Subject: Re: LDAP_USER_BASE_DN pointing to an AD Security Group

Hello,
I developed a small patch for the guacamole-auth-ldap extension that allows you to specify
in the guacamole.properties a new property: ldap-users-filter.

Basically if you apply the patch, you can add an LDAP condition that must be satisfied by
the users to become guacamole users. So if you set it as something like this:
ldap-users-filter: memberOf=CN=Guacamole,OU=Service Gropus,OU=Domain,DC=my,DC=lan
only the users that belongs to the specified group will be listed in the guacamole interface
and will be allowed to access Guacamole.

At that time I tried to submit the patch to the developers but I wasn’t able to set up the
whole environment needed to do that, so I gave up, hoping that my patch would be added by
someone else sooner or later.

The patch is very simple and you can find it attached to this mail.
I applied it successfully to the latest incubating releases (0.9.11 and 0.9.12), I hope it
will be helpful.

Best Regards

—
MCM



Click here<https://www.mailcontrol.com/sr/O5NhFuxAV7XGX2PQPOmvUmGqEHcKtgpyapDcl69mHb+hig4t97j7Z4bkA!VSk!WK!fyLIztD8HOcrfMeL1fPjw==>
to report this email as spam.

Mime
View raw message