Uploaded image for project: 'Guacamole'
  1. Guacamole
  2. GUACAMOLE-893

New LDAP API building wrong filter

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.1.0
    • Fix Version/s: 1.1.0
    • Component/s: guacamole-auth-ldap
    • Labels:
      None
    • Environment:
      Debian Buster

      Description

      Hi,

      While trying the 1.1.0 guacamole(-auth-ldap) I always get an empty user list. Capturing traffic to the LDAP server (Oracle) I can see the filter sent gets an extra entry for "uid".

      With this guacamole.properties:

      ldap-user-base-dn: cn=users,dc=foobar,dc=es

      This filter gets sent to the server:

      Filter: (&(objectClass=*)(uid=[NULL]))

       

      If I try this guacamole.properties:

      ldap-user-base-dn: cn=users,dc=foobar,dc=es 
      ldap-user-search-filter: (objectClass=person)

      This filter is generated:

      Filter: (&(objectClass=person)(uid=person))

       

      Or if I try this:

      ldap-user-base-dn: cn=users,dc=foobar,dc=es 
      ldap-user-search-filter: (uid=*)

      Filter becomes:

      Filter: (&(uid=*)(uid=[NULL]))

      Or this:

      ldap-user-base-dn: cn=users,dc=foobar,dc=es
      ldap-user-search-filter: (&(objectClass=organizationalperson)(uidnumber<=20000))

      Will send this:

      Filter: (&(&(objectClass=organizationalperson)(uidnumber<=20000))(uid=20000))

      I build commit 344e6c1b46914c59fa7fcdd622f10be0aa057e98 with maven in Debian Buster.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                vnick Nick Couchman
                Reporter:
                agi Alberto Gonzalez Iniesta
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: