Speaking from experience. I would forgo the ldap or active directory. get it out of Docker. Use a VM or small server(if you have one) Setup for Database. Create users with guac.(you can setup admin within) SETUP Multi-factor. Setup sessions. ( If you can with 1.5.. Like I said I have been running guac for 4 years. This is the only version I have never got working.)
It isn’t like you are going to have 100’s of users accessing it. This is my personal experience.. I would say if you are wanting to use it to access outside the company or whatever. I would force Multi-factor on them and run it though a proxy.( https://nginxproxymanager.com/) r From: Remush <[email protected]> Sent: Monday, November 20, 2023 5:46 AM To: [email protected] Subject: Re: No "Connections" TAB in the settings So If I use the LDAP and want to be able to control connections *in* the Guacamole Web I need to set a db? And how can I give admin over the guacamole to certain users? I want the LDAP only in order to access the guacamole and being the user that connects in the connections. But I want a certain LDAP group to be able to create those connections in the Guacamole On Mon, 20 Nov 2023, 13:42 Nick Couchman, <[email protected]<mailto:[email protected]>> wrote: On Mon, Nov 20, 2023 at 3:58 AM Remush <[email protected]<mailto:[email protected]>> wrote: Hey! So I have set up a guacamole that connects to the LDAP. However it looks like I have no real authorization, I can't see the connections and the users and the history tabs. Is there a reason for that? How can I allow a certain ldap group to have admin access over the guacamole? When you use the LDAP extension in Guacamole to store connections, you have to manage the connections directly within LDAP using an LDAP manager/editor. Guacamole does not include support for modifying anything within LDAP, including connections or users. This means that you will not see the Connections tab, and you will not be able to create or edit connections within the Guacamole UI. If you want to be able to manage connections and permissions within the Guacamole UI you need to use the JDBC module to store the connections. You could still use the LDAP extension for user authentication and group membership. -Nick
