You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by marcosrlopes <ma...@gmail.com> on 2017/08/31 16:37:53 UTC
Re: Granting users permissions after LDAP authentication
Anyone??
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/
Re: Granting users permissions after LDAP authentication
Posted by Nick Couchman <ni...@yahoo.com>.
Mike asked the following follow-up question:
> Are you using any other extensions to provide storage for the connection data itself? Or are you planning on storing the connection data within the LDAP directory?
Which received no response.
The reason Mike asked is because the answer is that it depends on how you're doing authentication and connections with LDAP. If you're authenticating with LDAP, but using one of the JDBC modules for storing connections, then you need to create the LDAP users you want to assign permissions to in the JDBC module (you can use the guacadmin user to do this, or you can manipulate the database directly) and then assign those users permissions. Then, then next time you log in under the LDAP account, that user will have the permissions. This is called "layering" authentication modules, and works as long as the usernames of the modules line up - that is, if you're logging into LDAP with the username "avocado" then you must create a user with that same username in the JDBC module and assign the permissions.
If you're using only the LDAP module, then the answer is that you cannot manage connections from the Guacamole interface - you must use an LDAP tool to manipulate the directory tree directly and then those items will be read in by Guacamole. You can do some basic permission management (use the member LDAP property to assign the connection to certain users), but it's fairly rudimentary.
See the following manual page for more info on both options:http://guacamole.incubator.apache.org/doc/gug/ldap-auth.html
Regards,Nick
== He has shown you, O man, what is good; And what does the LORD require of you But to do justly, To love mercy, And to walk humbly with your God? --Micah 6:8-- ==
On Thursday, August 31, 2017, 12:37:56 PM EDT, marcosrlopes <ma...@gmail.com> wrote:
Anyone??
--
Sent from: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/