I currently have Apache Guacamole setup and working with LDAP (both 0.9.14 from site and 1.0.0. from git) in CentOS and RHEL 7.5/7.6. I can login, see the full list of AD entities, etc.
The problem is its literally everything from AD; users, computers, disabled accounts, etc. Ideally, I would like it to be just: - Active users - From 2x OU's I have tried many variations of the ldap-user-search-filter parameter, but there isnt a whole lot of information to go on (specific to what Guacamole expects fro it). For some more background: My guacamole.properties looks like this ldap-hostname: myadserver.domain.com ldap-port: 389 ldap-user-base-dn: dc=domain,dc=com ldap-search-bind-dn: cn=guac_user,ou=Service_Accounts,dc=domain,dc=com ldap-search-bind-password: password ldap-username-attribute: sAMAccountName My AD structure is basically: - DC=domain,DC=com --OU=Admins --OU=Domain Users --OU=Service_Accounts --OU... --CN... With the "Admins" and "Domain Users" being the 2x OU's I want to list active users from and there being many other OU's and CN's at the same level. Any help would be great I have been racking my brain and cant work this out. I am very new to LDAP queries and ignorance on my part is, I am sure, largely to blame. I have tried something like: (&(objectCategory=person)(|(OU=Admins)(OU=Domain Users)) which did not work, wouldnt allow be to login. Thanks -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
