[jira] [Commented] (GUACAMOLE-2051) LDAP user attributes do not work when specified in ldap-servers.yml, at all with 1.6.0+

Fri, 02 May 2025 10:05:06 -0700 


    [ 
https://issues.apache.org/jira/browse/GUACAMOLE-2051?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17948945#comment-17948945
 ] 

Mike Jumper commented on GUACAMOLE-2051:
----------------------------------------

OK, so LDAP user attributes _do_ work, but the attribute IDs retrieved from 
LDAP no longer preserve case. This has the effect that, regardless of how those 
attributes are specified in the configuration, their names are fully lowercase 
when the tokens are generated. Thus, if you have {{ldap-user-attributes}} set 
to {{telephoneNumber}}, the name of the token generated ends up being 
{{LDAP_TELEPHONENUMBER}} instead of {{LDAP_TELEPHONE_NUMBER}}.

I'll retry the same configuration against 1.5.5 to see if this is a 
regression...

> LDAP user attributes do not work when specified in ldap-servers.yml, at all 
> with 1.6.0+
> ---------------------------------------------------------------------------------------
>
>                 Key: GUACAMOLE-2051
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-2051
>             Project: Guacamole
>          Issue Type: Bug
>          Components: guacamole-auth-ldap
>    Affects Versions: 1.5.5
>         Environment: Docker
>            Reporter: sbcbus
>            Priority: Major
>
> 2 issues, but both related in the end. It made it a bit difficult to 
> troubleshoot due to the variance.
> +In 1.5.5:+
> It seems "user-attributes:" does not work when specified in ldap-servers.yml. 
> We recently had a change where we added an additional LDAP source so moved 
> the entire config to there. Our connections that rely on custom attributes 
> for the connection host name stopped working. *Uncommenting 
> ldap-user-attributes: ... in guacamole.properties is a workaround.*
>  
> +1.6.0:+
> The attributes do not seem to work *at all* in latest staging/1.6.0 branch. 
> ldap-user-attributes: customAttributeName nor specifying it in ldap-users.yml 
> as user-attributes: customAttributeName. Guacd logs shows the error as 
> incorrect host name/dns error seemingly confirming it not being read. 
> Reverting docker back to 1.5.5 results in case above.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to