guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vieri <rentor...@yahoo.com>
Subject guacamole LDAP seeAlso group
Date Fri, 26 Apr 2019 23:56:30 GMT
Hi,

I have set up the guacConfigGroup configurations in my Directory.

Whenever a user logs into Guacamole UI (user1), the match is made on the "member" attribute,
as expected. The user can thus properly see the authorized connection.

However, if I change the "member" attribute to, say, "cn=user2...." and add "cn=group1..."
to the "seeAlso" attribute (user1 is a member of group1), then when user1 logs into Guacamole,
the connection configuration is not detected/loaded.
It's as if Guacamole were not looking up the seeAlso attribute.

It must be an error in my configuration.

ldap-hostname: 10.215.144.35
ldap-port: 389
ldap-encryption-method: none
ldap-user-base-dn: cn=Users,dc=mydomain,dc=org
ldap-config-base-dn: cn=Users,dc=mydomain,dc=org
ldap-group-base-dn: cn=Users,dc=mydomain,dc=org
ldap-username-attribute: cn
ldap-user-search-filter: (|(&(objectClass=user)(memberOf=cn=group1,cn=Users,dc=mydomain,dc=org))(objectClass=guac*)(cn=group1))
ldap-max-search-results: 15000

I always get an "Unable to query list of ojects from LDAP diretcory" message.

Any ideas?

Vieri

Mime
View raw message