Hi,
I set up guacamole with SAML SSO (no clearpass).
The users log into the system and are assigned to RDP, ssh, vnc connections, as
needed.
In all of the connection settings (eg for RDP), the following are left blank:
Under PARAMETERS, Authentication:
Username, Password, Domain, Security mode
So, for a given RDP connection, any SAML-authenticated user can potentially
access that target host by entering user credentials again.
I was wondering if it were possible for Guacamole to have an extra user-defined
"object" for credential storage.
For instance, a user could create "credentials1" with a set of RDP credentials,
"credentials2", etc. in his/her profile.
When connecting to an authorized host (guacamole "connection"), the guacamole
client GUI could ask the user which "credentials" object to use for that
connection.
Updating the credentials would be up to each user, and it would greatly ease
logging into systems when using an IdP which does not support clearpass hence
no way of using ${GUAC_PASSWORD} (also when one needs to change the credentials
anyway to, say, local admin/root, etc.).
Regards,
Vieri
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
