guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Couchman <vn...@apache.org>
Subject Re: LDAP authentication failtures & success at the same time
Date Thu, 25 Apr 2019 18:08:08 GMT
On Thu, Apr 25, 2019 at 10:54 AM nicoschottelius <
nico.schottelius@ungleich.ch> wrote:

> Hello,
>
> I am trying to authenticate against ldap and while the logs show
>
> Apr 25 12:56:34 ... server: 12:56:34.943 [http-bio-8080-exec-1] INFO
> o.a.g.r.auth.AuthenticationService - User "nico" successfully authenticated
> from 10.204.X.X.
>
>
Any other error messages around this?


> the user sees on the website "Unable to query list of objects from ldap
> directory".
>

This could indicate a configuration issue, but could also indicate that the
user does not have permissions to query the LDAP tree.


>
> I tried various settings like
>
> ldap-max-search-results: 1000
>
> or combinations of
>
> ldap-user-search-filter: (ou=specific-sub-ou)
> ldap-max-search-results: 500000
>
>
Could you post your full config (minus anything sensitive)?


> However the error message always stays the same. The tree is a bit bigger
> (estimated 5 digit count).
>
> Is it possible that I am unable to work around the bug described in
> https://issues.apache.org/jira/browse/GUACAMOLE-717 ?
>
>
Yes, it's possible.


> If the tree size is a problem, are there other workarounds that I could
> try?
>
>
Filtering is the best way to go for the time being, until GUACAMOLE-234 is
completed and we can process search results > 1000.

-Nick

Mime
View raw message