You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Niubbo75 <a....@me.com> on 2019/07/15 07:17:17 UTC
TOTP + LDAP/Active Directory
Hello guys,
I have a question for you, I have enabled both TOTP and LDAP, I have binded
my AD with Guacamole and I can login using my AD users, but AD users don't
have TOTP while it works for local Guacamole users, how can I enable it also
for AD users?
Thanks,
Alessandro
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org
Re: TOTP + LDAP/Active Directory
Posted by Niubbo75 <a....@me.com>.
Hello, any news about the new feature? Is there a way I can try it locally,
if there is some code that could work?
Best,
Alessandro
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org
Re: TOTP + LDAP/Active Directory
Posted by Niubbo75 <a....@me.com>.
Ok, thankyou for your preciuouse replies!
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org
Re: TOTP + LDAP/Active Directory
Posted by Nick Couchman <vn...@apache.org>.
On Mon, Jul 15, 2019 at 8:23 AM Niubbo75 <a....@me.com> wrote:
> Hello Nick and thanks for your reply.
> I have try with one single user, add him also in my Guacamole local user
> list and he have TOTP, but imagine if I have hundreds of users, is there a
> way to automagically sync them into Guacamole JDBC so I have not to
> manually
> add them?
>
At the moment you will need to script that somehow, using either direct
modification of the underlying SQL database, or the API. However, there is
a JIRA issue in progress for a change that would allow users to be
automatically added to the JDBC module upon successful login from another
module, along with a pull request:
https://issues.apache.org/jira/browse/GUACAMOLE-708
https://github.com/apache/guacamole-client/pull/389
That would probably take care of your concerns - it probably will not be
included in the 1.1.0 release, but whatever comes after that (1.2.0 or
2.0.0 - not sure, yet).
-Nick
Re: TOTP + LDAP/Active Directory
Posted by Niubbo75 <a....@me.com>.
Hello Nick and thanks for your reply.
I have try with one single user, add him also in my Guacamole local user
list and he have TOTP, but imagine if I have hundreds of users, is there a
way to automagically sync them into Guacamole JDBC so I have not to manually
add them?
Thanks in advance,
Alessandro
--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org
Re: TOTP + LDAP/Active Directory
Posted by Nick Couchman <vn...@apache.org>.
On Mon, Jul 15, 2019 at 3:17 AM Niubbo75 <a....@me.com> wrote:
> Hello guys,
> I have a question for you, I have enabled both TOTP and LDAP, I have binded
> my AD with Guacamole and I can login using my AD users, but AD users don't
> have TOTP while it works for local Guacamole users, how can I enable it
> also
> for AD users?
> Thanks,
> Alessandro
>
>
>
This is definitely possible; however the users must exist in your JDBC
module, and they must have permissions to modify themselves (reset their
own password).
-Nick