[jira] [Commented] (GUACAMOLE-1660) Apache Guacamole LDAP Tokens -Reading User Attributes

[Mike Jumper (Jira)]

    [ 
https://issues.apache.org/jira/browse/GUACAMOLE-1660?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17576868#comment-17576868
 ] 

Mike Jumper commented on GUACAMOLE-1660:
----------------------------------------

If the attribute in question is {{PObox}}, I believe that apparent camel case 
is going to be converted to {{LDAP_P_OBOX}}. The current token that you're 
using ({{LDAP_POBOX}}) would only result if the attribute was simply {{pobox}}, 
whereas the more reasonable {{LDAP_PO_BOX}} would result from something like 
{{POBox}}.

See the naming convention conversion examples in the documentation for the 
{{ldap-user-attributes}} property: 
https://guacamole.apache.org/doc/gug/ldap-auth.html

> Apache Guacamole LDAP Tokens -Reading User Attributes
> -----------------------------------------------------
>
>                 Key: GUACAMOLE-1660
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1660
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacamole-auth-ldap
>    Affects Versions: 1.4.0
>         Environment: Debian 10
>            Reporter: Vittor de Castro
>            Priority: Minor
>              Labels: Ldap
>             Fix For: 1.4.0
>
>         Attachments: Screenshot_20.png, Screenshot_21.png, Screenshot_22.png, 
> Screenshot_23.png, Screenshot_24.png, Screenshot_25.png
>
>
> While using an LDAP to store connection data instead of using the database I 
> created a GuacConfigGroup and it's guacConfigParameter is like this:
> domain=contoso.com
> hostname=${LDAP_POBOX}
> password=\{GUAC_PASSWORD}
> port=3389
> username=${GUAC_USERNAME}
> my [guacamole.properties|https://guacamole.properties/] has this on the end 
> of the file:
> ldap-user-attributes: PObox, info
> The PObox attribute of the user is the IP address of the server I'm trying to 
> connect, when I change the hostname attribute of the guacConfigGroup to the 
> IP or a DNS It connects normally, but when I try to use the AD attribute it 
> doesn't connect and I get this on the guacd syslog:
> guacd[31714]: RDP server closed/refused connection: DNS lookup failed 
> (incorrect hostname?)
> After some testing using other guacConfigParameters I saw that it's not even 
> reading the LDAP attribute. Followed [this documentation to get 
> here|https://guacamole.apache.org/doc/gug/ldap-auth.html#how-guacamole-uses-ldap]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)