On Mon, Nov 20, 2023 at 8:27 AM Richard Hawkins < [email protected]> wrote:
> Speaking from experience. I would forgo the ldap or active directory. > get it out of Docker. Use a VM or small server(if you have one) Setup for > Database. Create users with guac.(you can setup admin within) SETUP > Multi-factor. Setup sessions. ( If you can with 1.5.. Like I said I have > been running guac for 4 years. This is the only version I have never got > working.) > > > I've run Guacamole on a daily basis for several years using both LDAP and PostgreSQL, and am currently running the latest version (1.5.3) of both guacd and Guacamole Client, without any issues. I do choose to run mine outside of Docker, in a "native" Linux environment, but Docker is also a perfectly good way to run it. I would say configuring the Docker instances can be more challenging if you want to customize and tweak things a lot. If you're using more default settings, Docker should be fine. > It isn’t like you are going to have 100’s of users accessing it. > But, let's be clear, Guacamole can handle this. > > > This is my personal experience.. I would say if you are wanting to use > it to access outside the company or whatever. I would force Multi-factor > on them and run it though a proxy.( https://nginxproxymanager.com/) > > > Yes, MFA and TLS (via a reverse proxy like Nginx) is a good idea if you're using this outside a firewall. -Nick >
