Luciano, I have the same issue - Guacamole as a whole is working great but I find the LDAP interaction with MS AD very flakey. On a new instance everything looks great, I can log in with AD users but the list of users available in the AD groups does not import and the AD users that connect and authenticate when I view them in the user menu are not flagged as LDAP users. After farting around and restarting things all of a sudden things will import with no changes to the config. Similar to yourself even once the import happens new users and groups will not populate on their own. I have easily spent 2 to 3 times as much energy on this aspect of the deployment vs all the rest.
KC On Tue, Jul 12, 2022 at 3:41 PM David Haukeness <[email protected]> wrote: > AD group membership should be passed along to guacamole when the user logs > in. > > have you configured the group base DN options? > > Are you using database backend or LDAP only with a modified schema? > > David > > ------ Original Message ------ > From "Luciano Oliveira" <[email protected]> > To "[email protected]" <[email protected]> > Date 7/12/2022 1:36:07 PM > Subject Access user guacamole by groups Active Directory > > Hello, > > How do you allow access to guacamole? > > I configured the integration with Active Directory by groups, in this > point everything is fine. > > My issue is that every time I need to release a new user, I put him in one > of these groups, and in order for him to be released in guacamole I have to > restart the servlet, knocking everybody out. > > Is there a sync tool? > > *[ ]'s* > >
