On Wed, Jul 18, 2018 at 8:52 AM Marko Cupać <[email protected]> wrote:
> Hi, > > I would like to implement Guacamole and integrate it with Active > Directory, but I'm not comfortable with the idea of schema modification. > > From my point of view, better approach would be to be able to create AD > group for every destination server, so that every member of mentioned > group gets access to corresponding server through guacamole. Hostname > could be read for example from group's description field, protocol from > extension attribute. > > Any chance Guacamole's LDAP integration will also support this kind of > setups in the future? > > Guacamole definitely does not support this today. You're welcome to look through JIRA and see if someone has already requested this feature - basically, what you're asking for, is the ability to customize what objects the Guacamole LDAP extension looks at to determine connections. If a JIRA issue doesn't exist for it, you can create one: https://issues.apache.org/jira/projects/GUACAMOLE The schema modifications are pretty minimal - you'll see this if you look at the actual schema file, it's basically a single objectClass that gets added, with no modifications to any of the existing objects, and then some attributes for that objectClass type. -Nick
