guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vieri <rentor...@yahoo.com>
Subject dynamic param values for user-mapping.xml
Date Tue, 23 Apr 2019 10:03:13 GMT
Hi,

Is it possible to use the output of external scripts in order to define specific variables
in user-mapping.xml.

For instance, suppose I have something like this:

<user-mapping>

    <authorize username="test" password="test">

        <connection name="Terminal Server 2012">
            <protocol>rdp</protocol>
            <param name="hostname">SCRIPT_GENERATED_OUTPUT</param>
            <param name="ignore-cert">true</param>
            <param name="security">nla</param>
            <param name="username">SCRIPT_GENERATED_OUTPUT</param>
            <param name="password"> SCRIPT_GENERATED_OUTPUT</param>
            <param name="domain"> SCRIPT_GENERATED_OUTPUT</param>
        </connection>

    </authorize>

</user-mapping>

I know I could try to use the LDAP/AD authenticator extension, but:

1) AD is not officially supported, and I'd need to modify the schema with something like this:
https://glyptodon.com/jira/secure/attachment/13006/Guacamole%20LDAP%20Authentication%20with%20Active%20Directory.pdf

2) I don't know yet if it is possible/easy to manage the NLA guacConfigParameter values for
each user, ie. would I need to specify username, password and domain for each group when using
NLA as security mode? That would mean I'd need to create a connection object for each AD user!
Or does Guacamole try to use the same username and password as the ones used for the inital
LDAP/AD bind even when using NLA?

Also note that I'd like the hostname to be dynamic too as I have a script that checks several
things in order to determine which RDP server a user should connect to (eg. checks ressource
usage on every server, checks whether a previously connected user session was inadvertantly
cut off, etc., and finally outputs the name or IP address of the RDP server).

Thanks,

Vieri


Mime
View raw message