-guacamole-auth-ldap
package. If using the keeper/guacamole Docker image, support for LDAP authentication is instead configured using environment variables.ldap-hostname
hostname
ldap-port
port
ldap-encryption-method
encryption-method
none
none
(for unencrypted LDAP)ssl
(for LDAP over SSL/TLS, also known as LDAPS)starttls
(for STARTTLS)ldap-user-base-dn
user-base-dn
ldap-username-attribute
username-attribute
ldap-search-bind-dn
search-bind-dn
ldap-search-bind-password
search-bind-password
ldap-group-base-dn
group-base-dn
ldap-group-name-attribute
group-name-attribute
/usr/share/guacamole-auth-ldap/schema
in both LDIF and .schema format. Note that storing connections directly within the LDAP directory is optional. If connections will not be stored within the directory, this base DN should not be provided.ldap-config-base-dn
config-base-dn
ldap-max-search-results
max-search-results
guacamole.properties
. By default, no LDAP user attributes are made available as parameter tokens.ldap-user-attributes
user-attributes
LDAP_
".lowercase-with-dashes
${LDAP_LOWERCASE_WITH_DASHES}
CamelCase
${LDAP_CAMEL_CASE}
headlessCamelCase
${LDAP_HEADLESS_CAMEL_CASE}
lettersAndNumbers1234
${LDAP_LETTERS_AND_NUMBERS_1234}
aRANDOM_mixOf-3NAMINGConventions
${LDAP_A_RANDOM_MIX_OF_3_NAMING_CONVENTIONS}
ldapsearch
".ldap-user-search-filter
user-search-filter
(objectClass=*)
ldap-group-search-filter
group-search-filter
(objectClass=*)
ldap-dereference-aliases
dereference-aliases
never
(do not dereference aliases at all)searching
(dereference aliases only after the search base has been found)finding
(dereference aliases only when finding the search base)always
(dereference aliases in all cases)ldap-follow-referrals
follow-referrals
ldap-max-referral-hops
max-referral-hops