[ https://issues.apache.org/jira/browse/GUACAMOLE-954?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17033925#comment-17033925 ]
Nils commented on GUACAMOLE-954: -------------------------------- OK, noted. Implementing support for nested groups is, at least in the world of AD, relatively simple as perĀ [https://docs.microsoft.com/en-us/windows/win32/adsi/search-filter-syntax] I personally use this in several places (e.g. Apache) to support Nested Groups, which in an organisation are very common. The way to configure the search filter is like such: memberof:*1.2.840.113556.1.4.1941:*=CN=whatever,OU=ou,dc=your,dc=lan {{}} |1.2.840.113556.1.4.1941|*LDAP_MATCHING_RULE_IN_CHAIN*|This rule is limited to filters that apply to the DN. This is a special "extended" match operator that walks the chain of ancestry in objects all the way to the root until it finds a match.| > LDAP Authentication, users require explicit creation in MySQL for connection > sharing. > ------------------------------------------------------------------------------------- > > Key: GUACAMOLE-954 > URL: https://issues.apache.org/jira/browse/GUACAMOLE-954 > Project: Guacamole > Issue Type: Improvement > Components: guacamole-server > Affects Versions: 1.1.0 > Reporter: Nils > Priority: Major > > Using LDAP for authentication, MySQL to store connection information. > Login works fine, however unable to share connections with other LDAP users > without first explicitly creating these users in MySQL as well. Likewise for > groups, if I share connections with a LDAP Group, users that are a member of > this group will not see any connections that are shared with this group. > I'm pretty sure that at some point, prior to the official 1.1.0 release, this > was working. -- This message was sent by Atlassian Jira (v8.3.4#803005)