[ https://issues.apache.org/jira/browse/GUACAMOLE-785?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Nick Couchman closed GUACAMOLE-785.
-----------------------------------
Resolution: Invalid
> TOTP causing LDAP to change its query
> -------------------------------------
>
> Key: GUACAMOLE-785
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-785
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-auth-ldap, guacamole-auth-totp
> Affects Versions: 1.0.0
> Reporter: Paul McDonnell
> Priority: Major
>
> I've got OTP operational on my setup, all worked as expected. I then went to
> enable LDAP but kept getting an error "Unable to query list of objects from
> LDAP directory". After some more debugging, I think the issue is that the
> original search that LDAP does is
> Searching "OU=people,dc=LOCAL,dc=mycompany,dc=COM" for objects matching
> "(&(objectClass=user)(!(objectCategory=computer))(samAccountName=jbloggs))".
> Then after the TOTP code is typed in, it then searches for
> Searching "OU=people,dc=LOCAL,dc=mycompany,dc=COM" for objects matching
> "(&(objectClass=user)(!(objectCategory=computer))(samAccountName=*))".
>
> It replaces the samaccountname=jbloggs with samaccountname=*. I confirmed
> this by changing the ldap-user-search-filter: (samAccountname=jbloggs) and I
> was then able to log in as jbloggs (but not as anyone else).