I am using Guacamole 1.2.0 under CentOS 7 with the following modules loaded:
Mysql, LDAP, TOTP
Under LDAP I have an ldap filter which only retrieves the users matching the following conditions:
1- Account must be an user and must no be disabled
2- User must belong to a particular user group
So far so good, only specific users are allowed to sign-in.
I found that after tomcat service startup, this filter is applied and so expected users are retrieved OK, but as time goes by we need to add more users to the previously mentioned group. Unless tomcat is restarted , logging out any user currently signed in, new users won't be allowed to sign-in. Also, with my current allowed user, I am not able to see the newly added user under "Users" tab.
I have no proposed patch, I am under investigation but I am newie with java and is some kind of difficult for me, I think this might be useful for these scenarios where we don't want to interrupt current logged in users because a new one needs to be added to this system.