guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Berndt <erikber...@superiorpaving.net>
Subject Removing users that don't have RD login permission
Date Wed, 22 Nov 2017 17:35:25 GMT
When rolling out Guacamole, I initially granted all users access but have
since added a ldap-user-search-filter to guacamole.properties to restrict
login to members in a specific OU.

The search-filter is working correctly, as new users added to our domain do
not appear in the user list until added to the OU defined in the
ldap-search-filter and user removed from this OU are removed from the user
list.

The issue I'm running into is that all active directory users that were
discovered during the initial deployment are still appearing. I'm using the
the auth-jdbc-mysql and auth-ldap connectors to provide pass-thru
authentication using AD credentials.

The only users I see in the MySQL database are those that have been granted
explicit access to remote desktops.

Could I be missing another table where ldap users who haven't been assigned
connections reside or is there a way to force ldap-search to rebind users
based on the new ldap-user-search-filter?

Erik Berndt / Systems Administrator
5551 Wellington Rd, Gainesville, VA 20155
703.631.0004 x520 (Phone) / 703.257.1725 (Fax)
http://www.superiorpaving.net

Need to open an IT support ticket?
http://FixIT.superiorpaving.net/portal or FixIT@superiorpaving.net

Mime
View raw message