From Zer0Cool <>
Subject Re: Dumb LDAP Properties Question
Date Mon, 14 Jan 2019 19:44:04 GMT
Ok so from the responses it sounds like typically:

ldap-user-base-dn: dc=mydomain,dc=com
ldap-search-bind-dn: cn=myuser,ou=user_ou,dc=mydomain,dc=com

should be using the same DC entries but that:

ldap-hostname: myserver.mydomain.com

could possibly be on another domain.

However, it sounds like it is theoretically possible they are not.

I ask as I am working on a script in which currently all 3 are prompted for
and hand entered. I was wondering if I could reduce the amount prompted for
and assume the DC portions.

In other words something like:
prompt for ldap-hostname
skip asking for ldap-user-base-dn (assume the same domain as ldap-hostname)
and then for ldap-search-bind-dn the user only enters
"cn=user_name,ou=user_ou" and assume the DC portions in the underlying code.

So far it sounds like the answer is that the majority of the time this would be
a safe assumption but there could be instances in which they would differ.
If that's the case I can leave it as is and have it be fully entered and not
make assumptions.
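
Added example, not part of the original message or of any project's code: one way to offer the DC portions as a default derived from ldap-hostname while still accepting a fully entered value when the directory's naming context differs from the server's DNS domain. The function names and the base_override parameter are hypothetical.

```python
import ipaddress
import re

# One DNS label: letters, digits, inner hyphens.
_LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?$")
# An unescaped "dc=" component anywhere in a DN the user typed.
_HAS_DC = re.compile(r"(?:^|(?<!\\),)\s*dc=", re.IGNORECASE)


def derive_base_dn(hostname):
    """Guess 'dc=..,dc=..' from the host's DNS domain; None if no guess is possible."""
    host = hostname.strip().rstrip(".")
    try:
        ipaddress.ip_address(host)
        return None  # IP literal: there is no domain to derive from
    except ValueError:
        pass
    labels = host.split(".")[1:]  # drop the host label, keep the domain
    if not labels or not all(_LABEL.match(label) for label in labels):
        return None  # single-label name or malformed input
    return ",".join("dc=" + label.lower() for label in labels)


def complete_bind_dn(entered, base_dn):
    """Append base_dn to 'cn=user,ou=user_ou'; leave a DN that already has dc= alone."""
    entered = entered.strip().rstrip(",")
    if _HAS_DC.search(entered):
        return entered
    return entered + "," + base_dn


def resolve_settings(hostname, bind_entry, base_override=None):
    """Build the three properties; base_override wins over the derived guess."""
    base = base_override or derive_base_dn(hostname)
    if base is None:
        raise ValueError("cannot derive a base DN from the hostname; prompt for it")
    return {
        "ldap-hostname": hostname,
        "ldap-user-base-dn": base,
        "ldap-search-bind-dn": complete_bind_dn(bind_entry, base),
    }


if __name__ == "__main__":
    # Constructed sample input, using the values from the message above.
    for key, value in resolve_settings("myserver.mydomain.com", "cn=myuser,ou=user_ou").items():
        print(key + ": " + value)
```

A prompting script can show the derived value as the default and let the operator overwrite it, which keeps the case where the server is on another domain workable.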

