LDAP groups

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

LDAP groups

Stefan Bogdan Cimpeanu
Hello all,
I know I’ve probably asked this before, but the answers didn’t quite resolve my situation.
When it comes to LDAP groups, I’m seeing inconstant results when it comes to listing them.
I’m using Azure ADDS, which is essentially a managed AD in Azure. All the users and groups live under one single OU.

When going to guacamole’s settings -> User Groups, the list provided contains both users and groups, but does not contain all the groups. Some, randomly, are missing.
I can see new groups, old groups, but also I don’t see some of the old or new groups. I can’t find a pattern.

I understand that guacamole simply performs an ldap query and it’s using what ever the response is, however I don’t know how to troubleshoot this in order to get all the groups listed.
There’re about 900 objects in total, users and groups.

Some help would be very appreciated.

Regards,
Bogdan
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: LDAP groups

Craig Sawyer
If you look through the source you should be able to find the LDAP query that's run.  Alternatively, you can try:

1) turn on super verbose logging in guac, it might include the query

2) turn on super verbose logging in ADDS, it might show the query

3) turn off security(TLS) on the connection (temporarily) and then listen on the traffic, via tcpdump/wireshark/etc.

I'm not familiar enough with the guac source to point you, even remotely on where the ldap query might be, but it's certainly in there.

Good Luck!



On Tue, Oct 6, 2020 at 3:11 AM Stefan Bogdan Cimpeanu <[hidden email]> wrote:
Hello all,
I know I’ve probably asked this before, but the answers didn’t quite resolve my situation.
When it comes to LDAP groups, I’m seeing inconstant results when it comes to listing them.
I’m using Azure ADDS, which is essentially a managed AD in Azure. All the users and groups live under one single OU.

When going to guacamole’s settings -> User Groups, the list provided contains both users and groups, but does not contain all the groups. Some, randomly, are missing.
I can see new groups, old groups, but also I don’t see some of the old or new groups. I can’t find a pattern.

I understand that guacamole simply performs an ldap query and it’s using what ever the response is, however I don’t know how to troubleshoot this in order to get all the groups listed.
There’re about 900 objects in total, users and groups.

Some help would be very appreciated.

Regards,
Bogdan
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]