[GUACAMOLE-893] New LDAP API building wrong filter - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.1.0
Fix Version/s: 1.1.0
Component/s: guacamole-auth-ldap
Labels:
None
Environment:
Debian Buster

Description

Hi,

While trying the 1.1.0 guacamole(-auth-ldap) I always get an empty user list. Capturing traffic to the LDAP server (Oracle) I can see the filter sent gets an extra entry for "uid".

With this guacamole.properties:

ldap-user-base-dn: cn=users,dc=foobar,dc=es

This filter gets sent to the server:

Filter: (&(objectClass=*)(uid=[NULL]))

If I try this guacamole.properties:

ldap-user-base-dn: cn=users,dc=foobar,dc=es 
ldap-user-search-filter: (objectClass=person)

This filter is generated:

Filter: (&(objectClass=person)(uid=person))

Or if I try this:

ldap-user-base-dn: cn=users,dc=foobar,dc=es 
ldap-user-search-filter: (uid=*)

Filter becomes:

Filter: (&(uid=*)(uid=[NULL]))

Or this:

ldap-user-base-dn: cn=users,dc=foobar,dc=es
ldap-user-search-filter: (&(objectClass=organizationalperson)(uidnumber<=20000))

Will send this:

Filter: (&(&(objectClass=organizationalperson)(uidnumber<=20000))(uid=20000))

I build commit 344e6c1b46914c59fa7fcdd622f10be0aa057e98 with maven in Debian Buster.

Attachments

Issue Links

is caused by

GUACAMOLE-234 Migrate from JLDAP to Apache Directory LDAP API

Resolved

Activity

People

Assignee:: Nick Couchman

Reporter:: Alberto Gonzalez Iniesta

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 08/Oct/19 11:07

Updated:: 11/Oct/19 17:55

Resolved:: 11/Oct/19 17:55