diff --git a/example_configs/apacheguacamole.md b/example_configs/apacheguacamole.md index 93dad31..93f0867 100644 --- a/example_configs/apacheguacamole.md +++ b/example_configs/apacheguacamole.md @@ -4,6 +4,7 @@ This was achieved by using the docker [jasonbean/guacamole](https://registry.hub ## To setup LDAP +### Using `guacamole.properties` Open and edit your Apache Guacamole properties files Located at `guacamole/guacamole.properties` @@ -22,9 +23,26 @@ ldap-search-bind-password: replacewithyoursecret ldap-user-search-filter: (memberof=cn=lldap_apacheguac,ou=groups,dc=example,dc=com) ``` -* Exclude `ldap-user-search-filter` if you do not want to limit users based on a group(s) +### Using docker variables + +``` +LDAP_HOSTNAME: localhost +LDAP_PORT: 3890 +LDAP_ENCRYPTION_METHOD: none +LDAP_USER_BASE_DN: ou=people,dc=example,dc=com +LDAP_USERNAME_ATTRIBUTE: uid +LDAP_SEARCH_BIND_DN: uid=admin,ou=people,dc=example,dc=com +LDAP_SEARCH_BIND_PASSWORD: replacewithyoursecret +LDAP_USER_SEARCH_FILTER: (memberof=cn=lldap_guacamole,ou=groups,dc=example,dc=com) +``` + +### Notes +* You set it either through `guacamole.properties` or docker variables, not both. +* Exclude `ldap-user-search-filter/LDAP_USER_SEARCH_FILTER` if you do not want to limit users based on a group(s) + * it is a filter that permits users with `lldap_guacamole` sample group. * Replace `dc=example,dc=com` with your LLDAP configured domain for all occurances * Apache Guacamole does not lock you out when enabling LDAP. Your `static` IDs still are able to log in. +* setting `LDAP_ENCRYPTION_METHOD` is disabling SSL ## To enable LDAP Restart your Apache Guacamole app for changes to take effect