guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nicoschottelius <>
Subject LDAP search vs. bind - what does guacamole use when?
Date Wed, 01 May 2019 15:38:23 GMT

I've tried several combinations of ldap-search-bind-dn,
ldap-user-search-filter, ldap-max-search-results - all with one result: 

- User  successfully authenticated in the logs
- Unable to query list of objects from LDAP directory message on the login

What I would expect guacamole to do:

- bind as the user to find out whether it can login
- use the search-bind-dn to look for other objects

What I *assume* guacamole is actually doing:

- search the DN of the user using the search-bind-dn
- searching other objects using the USER dn

I suspect this behaviour, because having an ACL on a test server that allows
the user to read the sub tree, makes it finally work.

If my assumption is correct, is there any way to tell guacamole to behave as
written in the expected part above?



Sent from:

View raw message