From user-return-5075-archive-asf-public=cust-asf.ponee.io@guacamole.apache.org Tue Jan 22 15:15:23 2019 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 651B7180634 for ; Tue, 22 Jan 2019 15:15:23 +0100 (CET) Received: (qmail 19547 invoked by uid 500); 22 Jan 2019 14:15:22 -0000 Mailing-List: contact user-help@guacamole.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@guacamole.apache.org Delivered-To: mailing list user@guacamole.apache.org Received: (qmail 19538 invoked by uid 99); 22 Jan 2019 14:15:22 -0000 Received: from mail-relay.apache.org (HELO mailrelay1-lw-us.apache.org) (207.244.88.152) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 22 Jan 2019 14:15:22 +0000 Received: from mail-ed1-f48.google.com (mail-ed1-f48.google.com [209.85.208.48]) by mailrelay1-lw-us.apache.org (ASF Mail Server at mailrelay1-lw-us.apache.org) with ESMTPSA id 45AD64407 for ; Tue, 22 Jan 2019 14:15:21 +0000 (UTC) Received: by mail-ed1-f48.google.com with SMTP id y20so19389918edw.9 for ; Tue, 22 Jan 2019 06:15:21 -0800 (PST) X-Gm-Message-State: AJcUuke6V+UtDsGXpQ5yAkvrb5S/lu1L2ky66NqS0nQnwCM4WNj/3CHF g9U3MZXjrHVdkTwLfUQGKm3iyv5Oo1aZFQX6VHM= X-Google-Smtp-Source: ALg8bN67lHr79trSmwMsT27gtaI0ZqHp23CmWcRz38AVwcVXUg+PXdWWHwIC4NI6oej42p/TvlAOFv/9hfM/+80CXK8= X-Received: by 2002:a50:b5a5:: with SMTP id a34mr30697557ede.52.1548166520242; Tue, 22 Jan 2019 06:15:20 -0800 (PST) MIME-Version: 1.0 References: <1547830710943-0.post@n4.nabble.com> <1548077820934-0.post@n4.nabble.com> <1548094194378-0.post@n4.nabble.com> <1548095718181-0.post@n4.nabble.com> <1548150925165-0.post@n4.nabble.com> <1548158663306-0.post@n4.nabble.com> <1548162480970-0.post@n4.nabble.com> In-Reply-To: <1548162480970-0.post@n4.nabble.com> From: Nick Couchman Date: Tue, 22 Jan 2019 09:15:08 -0500 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Restricting access to Connections defined in MySQL using LDAP groups? To: user@guacamole.apache.org Content-Type: multipart/alternative; boundary="0000000000007e097b05800c9bd1" --0000000000007e097b05800c9bd1 Content-Type: text/plain; charset="UTF-8" On Tue, Jan 22, 2019 at 8:24 AM ek1m92 wrote: > JoelB wrote > > I'm now working on scripting an AD-to-MySQL synchronization tool. > > We've been using a custom tool for this internally for the last couple of > months to be able to manage connection permissions on a group level. We > were > hoping to be able to ditch that in favor of official LDAP group support but > it looks like I'll be updating our tool to support the new database > structure instead... > I'll open an issue for this. At first I wasn't sure whether this was a > problem with our specific setup so I took to the mailing list but it looks > like we're not alone. > > I think it's probably already covered under this issue: https://issues.apache.org/jira/browse/GUACAMOLE-696 -Nick --0000000000007e097b05800c9bd1 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


On Tue, Jan 22, 2019= at 8:24 AM ek1m92 <ek1m92@posteo.de= > wrote:
= JoelB wrote
> I'm now working on scripting an AD-to-MySQL synchronization tool.<= br>
We've been using a custom tool for this internally for the last couple = of
months to be able to manage connection permissions on a group level. We wer= e
hoping to be able to ditch that in favor of official LDAP group support but=
it looks like I'll be updating our tool to support the new database
structure instead...
I'll open an issue for this. At first I wasn't sure whether this wa= s a
problem with our specific setup so I took to the mailing list but it looks<= br> like we're not alone.


I think it's probably already cove= red under this issue:


-Nick
--0000000000007e097b05800c9bd1--