You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by "J. Christopher Little" <jc...@gmail.com> on 2021/03/29 18:12:30 UTC
guacamole batch add users and workstations
I have about 50 users and their associated workstations that I need to add
to guacamole.
Is there a way to do this in batch and not just through the web gui? I
couldn't find documentation in the user/admin manual on how to do this.
--
J. Christopher Little
Phone: (405)229-7822
Email: jcl@jchristopherlittle.com
WWW: http://www.jchristopherlittle.com
Re: guacamole batch add users and workstations
Posted by Nick Couchman <vn...@apache.org>.
On Mon, Mar 29, 2021 at 2:51 PM Matthieu Courtois <
courtois.matthieu.92@gmail.com> wrote:
> I’ve made a PowerShell module for that use case
> https://github.com/UpperM/guacamole-powershell
>
>
>
> *De :* J. Christopher Little <jc...@gmail.com>
> *Envoyé :* lundi 29 mars 2021 20:13
> *À :* user@guacamole.apache.org
> *Objet :* guacamole batch add users and workstations
>
>
>
> I have about 50 users and their associated workstations that I need to add
> to guacamole.
>
>
>
Are you using any SSO and/or LDAP integration for login? Users can be
created automatically in the DB after a successful login, so you don't
necessarily need to create those manually:
http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-auto-create
> Is there a way to do this in batch and not just through the web gui? I
> couldn't find documentation in the user/admin manual on how to do this.
>
>
>
I use Ansible for most of my automation, and doing these operations is
relatively easy using the URI module. I should probably try to write a
full-on Ansible module for it, but I haven't taken a stab at it. In any
case, below is a quick example of the Ansible playbook that I've used to
automate it in my case. It'd be run by doing something like this:
ansible-playbook guacamole.yml -e '{"new_connections":
["host1","host2","host3","host4"]}'
Obviously it would need a little adaptation to your use-case - you'd
probably want to loop through some sort of map of user to workstation in
order to assign the permissions, but shouldn't be too difficult. One of the
nice things about this is that Ansible's YAML syntax lets you very easily
spell out the parameters that you want to set when you actually create the
connection. You could make it into a variable that you pass in if you want
to make the parameters configurable. In my case, I set the same overall
parameters for every connection, so all I have to do is set them up in the
playbook.
-Nick
==guacamole.yml==
---
- name: Create a connection and assign permissions
hosts: localhost
become: false
connection: local
vars:
guacurl: https://1.2.3.4/guacamole
guacuser: ansible
guacpass: $uper$secretP@ssw0rd
guacdb: postgresql
tasks:
- name: Log in to Guacamole
uri:
url: "{{ guacurl }}/api/tokens"
method: POST
headers:
Accept: application/json
body_format: form-urlencoded
body:
username: "{{ guacuser }}"
password: "{{ guacpass }}"
register: _guaclogin
failed_when: _guaclogin.status > 299
- name: Create Guacamole Connections
uri:
url: "{{ guacurl }}/api/session/data/{{ guacdb
}}/connections?token={{ _guaclogin['json']['authToken'] }}"
method: POST
body_format: json
body:
activeConnections: "0"
attributes:
max-connections: "2"
max-connections-per-user: "1"
name: "{{ item }}"
parameters:
create-drive-path: "true"
drive-name: "xfer"
drive-path: "/xfer/guacamole/${GUAC_USERNAME}/"
enable-drive: "true"
hostname: "{{ item }}.domain.local"
port: "3389"
security: "nla"
parentIdentifier: "1"
protocol: "rdp"
ignore_errors: true
register: _guaccreate
failed_when: _guaccreate.status > 299
with_items: "{{ new_connections }}"
- name: Add permissions for Infra Management Team
uri:
url: "{{ guacurl }}/api/session/data/{{ guacdb
}}/userGroups/Infra_Management/permissions?token={{
_guaclogin['json']['authToken'] }}"
method: PATCH
body_format: json
body:
- op: "add"
path: "/connectionPermissions/{{ item['json']['identifier'] }}"
value: "READ"
validate_certs: no
ignore_errors: true
register: _guacperms
failed_when: _guacperms.status > 299
with_items: "{{ _guaccreate }}"
- name: Log out of Guacamole
uri:
url: "{{ guacurl }}/api/tokens/{{ _guaclogin['json']['authToken']
}}"
method: DELETE
validate_certs: no
register: _guaclogout
failed_when: _guaclogout.status > 299
RE: guacamole batch add users and workstations
Posted by Matthieu Courtois <co...@gmail.com>.
I’ve made a PowerShell module for that use case https://github.com/UpperM/guacamole-powershell
De : J. Christopher Little <jc...@gmail.com>
Envoyé : lundi 29 mars 2021 20:13
À : user@guacamole.apache.org
Objet : guacamole batch add users and workstations
I have about 50 users and their associated workstations that I need to add to guacamole.
Is there a way to do this in batch and not just through the web gui? I couldn't find documentation in the user/admin manual on how to do this.
--
J. Christopher Little
Phone: (405)229-7822
Email: jcl@jchristopherlittle.com <ma...@jchristopherlittle.com>
WWW: http://www.jchristopherlittle.com