On Thu, Apr 25, 2019 at 10:54 AM nicoschottelius < nico.schottel...@ungleich.ch> wrote:
> Hello, > > I am trying to authenticate against ldap and while the logs show > > Apr 25 12:56:34 ... server: 12:56:34.943 [http-bio-8080-exec-1] INFO > o.a.g.r.auth.AuthenticationService - User "nico" successfully authenticated > from 10.204.X.X. > > Any other error messages around this? > the user sees on the website "Unable to query list of objects from ldap > directory". > This could indicate a configuration issue, but could also indicate that the user does not have permissions to query the LDAP tree. > > I tried various settings like > > ldap-max-search-results: 1000 > > or combinations of > > ldap-user-search-filter: (ou=specific-sub-ou) > ldap-max-search-results: 500000 > > Could you post your full config (minus anything sensitive)? > However the error message always stays the same. The tree is a bit bigger > (estimated 5 digit count). > > Is it possible that I am unable to work around the bug described in > https://issues.apache.org/jira/browse/GUACAMOLE-717 ? > > Yes, it's possible. > If the tree size is a problem, are there other workarounds that I could > try? > > Filtering is the best way to go for the time being, until GUACAMOLE-234 is completed and we can process search results > 1000. -Nick