[GUACAMOLE-998] LDAP: Do not retrieve all groups from LDAP - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Wish
Status: Closed
Priority: Minor
Resolution: Duplicate
Affects Version/s: 1.1.0
Fix Version/s: None
Component/s: guacamole-auth-ldap
Labels:
- easyfix
- newbie
- patch
Environment:
CentOS 7

Flags:

Patch

Description

Hi, I have been using Guacamole since 0.9.14. As we use ActiveDirectory LDAP to authenticate every user I found something which might have an explanation but in my scenario is quite undesired.

Our LDAP is a WorldWide DB and so contains a huge ammount of users and groups.

According to the original code if we do not use (as in our case) LDAP for storing configuration, then anything containing objectClass attribute (users, computer, groups, etc) will be loaded into Guacamole as a group.

I do not see clearly why this is done this way, also ldap-group-base-dn attribute is not respected at all in this scenario but fortunately at least seems to honor ldap-user-base-dn.

So I modificated this line to, retrieve any object containing the attribute defined by ldap-member-attribute which by default is member.

Attached patch does work as spected (by me at least), I am pretty newie with java, so I might be missing something...

Thanks all for this great piece of software BTW!

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

UserGroupService_donotretrieveall.patch
27/Mar/20 18:32
0.8 kB
Edgardo Rodriguez

Issue Links

duplicates

GUACAMOLE-996 Provide configuration for filtering LDAP groups

Resolved

Activity

People

Assignee:: Unassigned

Reporter:: Edgardo Rodriguez

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 27/Mar/20 18:35

Updated:: 27/Mar/20 19:02

Resolved:: 27/Mar/20 19:00

Time Tracking

Estimated:

24h

Remaining:

24h

Logged:

Not Specified