Hi, For some strange reason, the message I'm forwarding below doesn't show up in the mailing list archive. I'm sending it again. If I'm mistakenly sending a dupe then please forgive me.
----- Forwarded Message ----- To: user@guacamole.apache.org <user@guacamole.apache.org> Sent: Saturday, April 27, 2019, 1:56:30 AM GMT+2 Hi, I have set up the guacConfigGroup configurations in my Directory. Whenever a user logs into Guacamole UI (user1), the match is made on the "member" attribute, as expected. The user can thus properly see the authorized connection. However, if I change the "member" attribute to, say, "cn=user2...." and add "cn=group1..." to the "seeAlso" attribute (user1 is a member of group1), then when user1 logs into Guacamole, the connection configuration is not detected/loaded. It's as if Guacamole were not looking up the seeAlso attribute. It must be an error in my configuration. ldap-hostname: 10.215.144.35 ldap-port: 389 ldap-encryption-method: none ldap-user-base-dn: cn=Users,dc=mydomain,dc=org ldap-config-base-dn: cn=Users,dc=mydomain,dc=org ldap-group-base-dn: cn=Users,dc=mydomain,dc=org ldap-username-attribute: cn ldap-user-search-filter: (|(&(objectClass=user)(memberOf=cn=group1,cn=Users,dc=mydomain,dc=org))(objectClass=guac*)(cn=group1)) ldap-max-search-results: 15000 I always get an "Unable to query list of ojects from LDAP diretcory" message. Any ideas? Vieri
