I'm attempting to filter AD groups permitted to login through Guacamole, which is making use of the auth-mysql and auth-ldap extensions. Login works fine for the users defined in the ldap-user-base-dn.
When I define the ldap-user-search-filter and reset the servlet container, all users are prevented from loggin in. This is my first time writing ldap filters, so it's very possible this is a syntax issue. My search filter in guacamole.properties is as follows: ldap-user-search-filter; "(&(objectCategory=Group)(sAMAccountName=*)(memberOf=cn=Accounting,ou=groups,ou="Superior Paving Employees,dc=superiorpaving,dc=net))" Can anyone assist me with this filter? I also have tried to restrict the ldap-user-base-dn to the specific group I want to give access to, but am running into the same issue. Erik Berndt / Systems Administrator
