guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Couchman <vn...@apache.org>
Subject Re:
Date Mon, 04 Feb 2019 13:37:48 GMT
On Mon, Feb 4, 2019 at 7:07 AM <bm@machek.systems> wrote:

> Hi Nick,
>
> thank you for your quick reply.
> Yes, my wife's account is also LDAP based.
>
> I gave the account of my wife the permission to change her password. That
> did the trick.
>
> Still in my understanding this is a security issue. As whenever a new LDAP
> account is created, it's not protected by TOTP.
>
>
Maybe, although a new LDAP account also will not have any access to any
connections until it is granted those privileges, so it shouldn't be that
big of a problem - when permissions are granted to the account, you can
make sure to grant permissions to change password, which should resolve the
issue.  You can also make sure you pre-create accounts within the database
module that you create in LDAP, and assign those permissions at that time.

-Nick

Mime
View raw message