[X2Go-Dev] Forwarding based on group membership
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Mon Oct 21 12:13:41 CEST 2013
Hi John,
I have been on holiday during last week, sorry for the delay with this
answer...
On Mo 14 Okt 2013 14:05:34 CEST, John Sigurd Skogtvedt wrote:
> Hello, for FreeNX we implemented a hack for forwarding users to certain
> servers based on LDAP group membership. To do this we wrote a
> nxcheckload script which returns a different value depending on if a
> user is member of a group "belonging to" a server. I have attached the
> script for reference.
>
> Is it possible to achieve the same with x2go, forwarding based on group
> membership?
I recommend using the X2Go Session Broker [1] for this. The session
broker provides session profiles to X2Go Client based on user, group
and/or client ACLs.
Thus, you can define hostA for groupA, hostB and hostC (load balanced)
for groupX, etc.
The current user+group backend in X2Go Session Broker is libnss based.
So you have to make LDAP groups available on the session broker host
and then you can reference those groups in the session broker's config
file (inifile backend):
/etc/x2go/broker/x2gobroker-sessionprofiles.conf [2].
In X2Go, the load balancing is handled differently compare to NX. In
NX, you connect to an initial NX server and then et redirected to
another NX server, in case of the initial NX server being busy.
In X2Go, the session broker chooses the best X2Go Server for the user
logging on. This choice can be based on ACLs or, with load-balancing,
on the amount of sessions running on all load-balanced servers.
Hope, this helps,
Mike
[1] http://wiki.x2go.org/doku.php/wiki:advanced:start#x2go_session_broker
[2]
http://code.x2go.org/gitweb?p=x2gobroker.git;a=blob;f=etc/broker/x2gobroker-sessionprofiles.conf
--
DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-keys
Size: 7251 bytes
Desc: ?ffentlicher PGP-Schl?ssel
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20131021/fc8eb491/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digitale PGP-Signatur
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20131021/fc8eb491/attachment.pgp>
More information about the x2go-dev
mailing list