Uploaded image for project: 'Guacamole'
  1. Guacamole
  2. GUACAMOLE-954

Add LDAP support for nested user groups

Attach filesAttach ScreenshotAdd voteVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: New Feature
    • Status: Reopened
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: guacamole-auth-ldap
    • Labels:
      None

      Description

      As described below, the current LDAP support will query user group membership, but only immediate membership. Unlike the database auth, nested user groups are not supported. Support for nested user groups should be added.

      Note that while Active Directory supports a specific filter for retrieving recursive group memberships, leveraging that would need to be done carefully. Other LDAP servers may not support that filter, and an alternative, standards-conforming mechanism would need to be used by default. If it is possible to automatically detect that the LDAP server supports this, that would be ideal. Another option might be to provide some mechanism for overriding the filter that Guacamole will use to determine membership.

        Attachments

        Issue Links

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              darkl0rd Nils

              Dates

              • Created:
                Updated:

                Issue deployment