Hi,
In my setup Guacamole users authenticate with SAML SSO (I use postgresql as
backend db).
The only thing I do when I init the DB is create a record with group names just
as they are "propagated" by the IdP.
eg.:
INSERT INTO guacamole_entity (name, type) VALUES ('my_admin_group',
'USER_GROUP');
INSERT INTO guacamole_entity (name, type) VALUES ('my_super_user_group',
'USER_GROUP');
INSERT INTO guacamole_entity (name, type) VALUES ('my_standard_user_group',
'USER_GROUP');
...
I do not need to create each user because I have:
postgresql-auto-create-accounts: true
I then create connections and assign them to groups and/or users.
All this works OK in the sense that when a user logs in via SAML/SSO only the
allowed connections are displayed (according to both "users" and "groups"
settings).
However, I only allowed "Create new sharing profiles" for "my_admin_group" and
"my_super_user_group", but if a user whose a member of one of those groups logs
in the Sharing dropdown will not appear when in an RDP connection.
What can I try? What can I check to see why Guacamole thinks that this user
cannot share connections?
Regards,
Vieri
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
