I kind of figured it out. At least the base issue. ldap-users-search-filter: (memberOf=CN=Domain Admins,CN=Users,DC=domain,DC=COM)
Seems to be the proper syntax for the parameter in the guacamole.properties file. This pulled in just the members of that group. Removing "(&(objectCategory=user" got it working. I am gonna go out on a limb and assume it uses something like "objectCategory=*" by default and that's pre-pended to any conditions put in by the user causing issues? I am still trying to figure out if I can limit the results just to actual users (not critical at this point) and only active users (a bit more important to me). Overall, I would really just like to figure out the syntax Guac expects for this and what options/flexibility/limits it has compared to standard LDAP queries. -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
