guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vieri <>
Subject dynamic param values for user-mapping.xml
Date Tue, 23 Apr 2019 10:03:13 GMT

Is it possible to use the output of external scripts in order to define specific variables
in user-mapping.xml.

For instance, suppose I have something like this:


    <authorize username="test" password="test">

        <connection name="Terminal Server 2012">
            <param name="hostname">SCRIPT_GENERATED_OUTPUT</param>
            <param name="ignore-cert">true</param>
            <param name="security">nla</param>
            <param name="username">SCRIPT_GENERATED_OUTPUT</param>
            <param name="password"> SCRIPT_GENERATED_OUTPUT</param>
            <param name="domain"> SCRIPT_GENERATED_OUTPUT</param>



I know I could try to use the LDAP/AD authenticator extension, but:

1) AD is not officially supported, and I'd need to modify the schema with something like this:

2) I don't know yet if it is possible/easy to manage the NLA guacConfigParameter values for
each user, ie. would I need to specify username, password and domain for each group when using
NLA as security mode? That would mean I'd need to create a connection object for each AD user!
Or does Guacamole try to use the same username and password as the ones used for the inital
LDAP/AD bind even when using NLA?

Also note that I'd like the hostname to be dynamic too as I have a script that checks several
things in order to determine which RDP server a user should connect to (eg. checks ressource
usage on every server, checks whether a previously connected user session was inadvertantly
cut off, etc., and finally outputs the name or IP address of the RDP server).



View raw message