guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vieri <rentor...@yahoo.com>
Subject guacamole LDAP seeAlso group
Date Thu, 02 May 2019 15:04:34 GMT
Hi,

For some strange reason, the message I'm forwarding below doesn't show up in the mailing list
archive. I'm sending it again. If I'm mistakenly sending a dupe then please forgive me.

----- Forwarded Message -----
To: user@guacamole.apache.org <user@guacamole.apache.org>
Sent: Saturday, April 27, 2019, 1:56:30 AM GMT+2

Hi,

I have set up the guacConfigGroup configurations in my Directory.

Whenever a user logs into Guacamole UI (user1), the match is made on the "member" attribute,
as expected. The user can thus properly see the authorized connection.

However, if I change the "member" attribute to, say, "cn=user2...." and add "cn=group1..."
to the "seeAlso" attribute (user1 is a member of group1), then when user1 logs into Guacamole,
the connection configuration is not detected/loaded.
It's as if Guacamole were not looking up the seeAlso attribute.

It must be an error in my configuration.

ldap-hostname: 10.215.144.35
ldap-port: 389
ldap-encryption-method: none
ldap-user-base-dn: cn=Users,dc=mydomain,dc=org
ldap-config-base-dn: cn=Users,dc=mydomain,dc=org
ldap-group-base-dn: cn=Users,dc=mydomain,dc=org
ldap-username-attribute: cn
ldap-user-search-filter: (|(&(objectClass=user)(memberOf=cn=group1,cn=Users,dc=mydomain,dc=org))(objectClass=guac*)(cn=group1))
ldap-max-search-results: 15000

I always get an "Unable to query list of ojects from LDAP diretcory" message.

Any ideas?

Vieri

Mime
View raw message