Uploaded image for project: 'Guacamole'
  1. Guacamole
  2. GUACAMOLE-996

Provide configuration for filtering LDAP groups

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: In Progress
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Labels:
      None

      Description

      Problem:

      If you have an LDAP-Directory where Users and Groups are in the same subtree and you don't use LDAP for Connection-Storage (guacConfigGroup) you get all objects under the DN configured as ldap-group-base-dn returned as groups.

      Example:

      Our directory looks like this:

      DC=AD,DC=company,DC=de

      • OU=faculty
        • Group1
        • Group2
        • Group3
        • ...
        • OU=students
          • Student0001
          • Student0002
          • Student0003
          • ...
          • Student1999

      As ldap-group-base-dn I have to configure OU=faculty,DC=AD,DC=company,dc=de

      But then I get in the Web-UI all Groups and all Students as Group-Objects which makes no sense

      Suggested fix

      I have a fix for me but as I am not a programmer, I don't know how to implement it the right way.

      I changed in UserGroupService.java line 92 from:

      return new PresenceNode("objectClass");

      to

      return new AndNode(new EqualityNode("objectClass","group"));

      and added

      import org.apache.directory.api.ldap.model.filter.AndNode;

      at line 34.

      Thanks for making this great project!

       

      Peter

       

       

        Attachments

        1. UserGroupService_donotretrieveall.patch
          0.8 kB
          Edgardo Rodriguez

          Issue Links

            Activity

              People

              • Assignee:
                vnick Nick Couchman
                Reporter:
                ruhrmann Peter Ruhrmann
              • Votes:
                1 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated: