guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Zer0Cool <melin3...@gmail.com>
Subject Help with ldap-user-search-filter and LDAP Query
Date Tue, 20 Nov 2018 16:19:24 GMT
I currently have Apache Guacamole setup and working with LDAP (both 0.9.14
from site and 1.0.0. from git) in CentOS and RHEL 7.5/7.6. I can login, see
the full list of AD entities, etc.

The problem is its literally everything from AD; users, computers, disabled
accounts, etc.

Ideally, I would like it to be just:

- Active users
- From 2x OU's

I have tried many variations of the ldap-user-search-filter parameter, but
there isnt a whole lot of information to go on (specific to what Guacamole
expects fro it).

For some more background:

My guacamole.properties looks like this
ldap-hostname: myadserver.domain.com
ldap-port: 389
ldap-user-base-dn: dc=domain,dc=com
ldap-search-bind-dn: cn=guac_user,ou=Service_Accounts,dc=domain,dc=com
ldap-search-bind-password: password
ldap-username-attribute: sAMAccountName

My AD structure is basically:
- DC=domain,DC=com
--OU=Admins
--OU=Domain Users
--OU=Service_Accounts
--OU...
--CN...

With the "Admins" and "Domain Users" being the 2x OU's I want to list active
users from and there being many other OU's and CN's at the same level.

Any help would be great I have been racking my brain and cant work this out.
I am very new to LDAP queries and ignorance on my part is, I am sure,
largely to blame.

I have tried something like:
(&(objectCategory=person)(|(OU=Admins)(OU=Domain Users))

which did not work, wouldnt allow be to login.

Thanks



--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

Mime
View raw message