Uploaded image for project: 'Guacamole'
  1. Guacamole
  2. GUACAMOLE-792

Radius Provider returns Group - like LDAP Provider

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 1.0.0
    • Fix Version/s: None
    • Component/s: guacamole-auth-radius
    • Labels:

      Description

      This Improvement would reduce admin for those of us who use Radius for authentication 
      against a Directory (in our case Microsoft Active Directory) with a database 
      provider that will be using Groups to mange connections, if Groups could be 
      used somehow. 

      One possibility... 
      Radius Servers could be configured to return a Group name that matches a 
      Group in the database, by using the RADIUS Vendor-Specific attribute, set to 
      the desired Group name for that Server authentication rule. 
      In this wishful scenario the Radius provider would treat the Group name in 
      the same way the LDAP provider now appears to be doing with the resolution 
      of issue 715. 

      (In our case, we need to use Radius instead of LDAP because of the 
      requirement to use MFA.) 
      https://tools.ietf.org/html/rfc2865#page-47
      Implies addition of guacamole.properties entries for the vendor-id and type. 

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              drhy David Young
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: