[
https://issues.apache.org/jira/browse/GUACAMOLE-284?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16020731#comment-16020731
]
Michael Jumper commented on GUACAMOLE-284:
------------------------------------------
{quote}
So, disabled, time restrictions, and account expiration settings inside the
database modules will not impact logins that happen via another module when
multiple modules are layered.
{quote}
While it's true that account restrictions defined within the database auth
shouldn't affect whether another authentication mechanism succeeds/fails, I'd
say those restrictions should still take effect when it comes to providing
access to the data actually defined within the database.
It makes sense that the LDAP authentication would succeed, but I'm not sure it
makes sense that access to the connections, etc. within the database would be
granted for an account which is disabled (or otherwise restricted) within the
database, particularly with respect to the {{mysql-user-required}} /
{{postgresql-user-required}} properties.
> When using ldap with MySQL backend "Account Restrictions" doesn't work
> ----------------------------------------------------------------------
>
> Key: GUACAMOLE-284
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-284
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole-auth-jdbc-mysql, guacamole-auth-ldap,
> guacamole-client
> Affects Versions: 0.9.12-incubating
> Reporter: Mark van den Boogaard
>
> When using LDAP authentication and a MySQL backend the options under "Account
> Restrictions" are not working.
> When we set the option "Disabled" or "Enable/Disable account after" this has
> no effect.
> For us the users who managing Guacamole (users and connections) do not have
> access to LDAP to enable/disable accounts. So it would be nice to do have
> these options working when using LDAP authentication with MySQL
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
