[X2go-dev] x2go with likewise-open (ldap) questions

John A. Sullivan III jsullivan at opensourcedevel.com
Tue Dec 14 09:42:22 CET 2010


On Tue, 2010-12-14 at 08:32 +0200, Ivan Boyadzhiev wrote:
> Hi,
> I've implemented x2go with likewise-open, still I do have 2 issues,
> which are present only when I use LDAP account, and not present with
> regular account on the linux. More details: OS Ubuntu 10.10; x2go
> 3.0.1-5; likewise-open 5.4.0.42111. Ubuntu is joined to Windows Active
> Directory through LDAP. I don't have any issues there, and everything
> work fine with this configuration (one issue that I've overcome: when
> joining LDAP, the users have other group IDs, which came from LDAP. In
> order to connect to x2go server, your username must have the x2gousers
> group assignment. In my case in LDAP I do have special group which
> contains users who have to have access. I've logged to LDAP locally on
> the ubuntu, and using command id I've checked the unique
> identification of that LDAP group. Then I've set this number to the
> x2gousers in the file /etx/groups. This way I overwrite the group that
> came from LDAP with the local group, and only these users can connect
> to x2go).
> 
> Note: I've read all the documentation and I still didn't find
> solutions for my issues. They are:
> 
> 1. Connecting remotely with x2go client with LDAP credentials doesn't
> forward sound - thus no sound can be heard. This problem doesn't occur
> when I login locally on the Ubuntu with same LDAP credentials. When
> I'm logged in locally, the next remote login (using the client), has
> sound. However, I thought that it is something with groups for audio,
> but seems it is not, as I'm using very same credentials and the only
> difference is local and remote, this way all user permissions are same
> (confirmed)...
> 2. Connecting remotely with x2go client with LDAP credentials doesn't
> stop the session, when disconnected in every way. The session remain
> open (visible with x2golistsessions_sql HOSTNAME). I've made around 20
> client sessions from one host, and on the next ones it refused to
> connect me, because the number of authentications were too much.
> Again, when doing this locally on the Ubuntu, the sessions really
> terminate. I've even replaced x2gosuspend with x2goterminate, without
> any success. The only way is to delete file /var/db/x2go/x2go_sessions
> and to create empty one with /usr/lib/x2go/script/x2gosqlite.sh. The
> live sessions still remain active, but this doesn't seem good
> solution. It is not possible to terminate or to resume open sessions
> with the client as well. So they stay like zombies there.
> 
> Do you have an idea what can be the root causes for these issues? My
> logic lead me to some un-escaped symbols used when joining the Domain
> - like @ and \. Because when logging to the LDAP I am using
> USERNAME at DOMAIN. Another possibility is to be from Likewise-open,
> still, there should not happen this as locally everything works fine.
> 
> Best Regards
> Ivan
Hmm . . . I do not know the answer.  We are using LDAP authentication
and it is working well (RedHat Directory Server).  We are using local
groups but the members are defined in LDAP.  However, we are using uid
to identify the user rather than email so your hunch about the unescaped
characters might be correct.

The connections are really provided by ssh.  What happens if you try to
establish a simple ssh connection using the username at domain rather than
x2go? - John




More information about the x2go-dev mailing list