On Mon, Oct 4, 2021, 15:19 Nick Couchman <[email protected]> wrote: > On Mon, Oct 4, 2021 at 5:39 PM Tezarin <[email protected]> wrote: > > > Hello, > > > > I have upgraded my Docker based Guacamole installation to 1.3.0, in the > > previous version, I had used a user sync script to allow my corporate > LDAP > > users authenticate with their LDAP credentials. > > > > I understand the version 1.3.0 has some built-in features which > eliminates > > the need for using user sync script but wasn't able to find any > > documentation on how to implement that. Can someone please shed some > lights > > on this and let me know where to start? > > > > > I think you're looking for the JDBC auto-create feature, which is > documented here: > > http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-auto-create > > It was added in version 1.2.0 as part of GUACAMOLE-708: > https://guacamole.apache.org/releases/1.2.0/ > https://issues.apache.org/jira/browse/GUACAMOLE-708
Also, to be clear, you do not need to automatically create users when just authenticating with LDAP. There is no need for the users to exist at all, and an empty, auto-created user gets you nothing except when you need storage for something like TOTP. For users coming from LDAP, all you should need is to leverage user groups, and that has been available since 1.0.0. - Mike
