I decided to be a horrible person and commented out the search in
incubator-guacamole-client/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/user/UserService.java
and recompiled.
// Find all Guacamole users underneath base DN
LDAPSearchResults results = new LDAPSearchResults();
/*
ldapConnection.search(
confService.getUserBaseDN(),
LDAPConnection.SCOPE_SUB,
"(&(objectClass=*)(" +
escapingService.escapeLDAPSearchFilter(usernameAttribute) + "=*))",
null,
false,
constraints
);
*/
Sorry if I make someone cry, but it may be useful to another horrible person.
Of course, I don’t know what doing this actually breaks. Please yell at me if
you have that answer.
Thanks,
Joseph B.
On 11/24/16, 2:35 PM, "Joseph Bernard" <[email protected]> wrote:
I’m using 0.9.10 with MySQL/LDAP authentication. I noticed a 10 second
delay when logging in. With a packet capture I found that a search was being
done after a successful LDAP authentication. My settings are as follows:
ldap-hostname: ldap.abc.com
ldap-user-base-dn: ou=users,ou=people,o=abc
ldap-username-attribute: cn
The search being done if for the first 1000 records of
ou=users,ou=people,o=abc with a filter of (&(objectClass=*)(cn=*))
While I am interested in what it’s doing, I’m more interested in stopping
this search to prevent a 10 second delay every time someone logs in. Is there
a config option I’m missing or have done incorrectly?
Thanks,
Joseph B.
