[GH-ISSUE #732] Kasm Integration #263

New issue

Closed

opened 2026-02-27 08:16:13 +03:00 by kerem · 3 comments

kerem commented

2026-02-27 08:16:13 +03:00

Owner

Originally created by @OscarCy on GitHub (Nov 6, 2023).
Original GitHub issue: https://github.com/lldap/lldap/issues/732

Have anyone managed to integrate it with Kasm Workspaces?
Description of the service
Kasm workspaces: Streaming containerized apps and desktops to end-users. The Workspaces platform provides enterprise-class orchestration, data loss prevention, and web streaming technology to enable the delivery of containerized workloads to your browser.
https://kasmweb.com

What you've tried

What's not working

The user that it is shown in docker logs is a different user than the one I try to login to Kasm. If makes any sense, the user it is shown is the first user in my ldap database.

Originally created by @OscarCy on GitHub (Nov 6, 2023). Original GitHub issue: https://github.com/lldap/lldap/issues/732 Have anyone managed to integrate it with Kasm Workspaces? **Description of the service** Kasm workspaces: Streaming containerized apps and desktops to end-users. The Workspaces platform provides enterprise-class orchestration, data loss prevention, and web streaming technology to enable the delivery of containerized workloads to your browser. https://kasmweb.com **What you've tried** ![Screenshot 2023-11-06 at 15 56 48](https://github.com/lldap/lldap/assets/104976393/2052b135-f3bb-45a2-89ac-fc2b24a72b6a) **What's not working** ![Screenshot 2023-11-06 at 15 54 44](https://github.com/lldap/lldap/assets/104976393/1f9af8f6-c10d-442e-9382-c79f06fd89fd) The user that it is shown in docker logs is a different user than the one I try to login to Kasm. If makes any sense, the user it is shown is the first user in my ldap database. ![Screenshot 2023-11-06 at 16 01 37](https://github.com/lldap/lldap/assets/104976393/4412124a-f964-4cb8-878e-457308ecabcf)

kerem

2026-02-27 08:16:13 +03:00

closed this issue
added the
integration
label

kerem commented

2026-02-27 08:16:14 +03:00

Author

Owner

@nitnelave commented on GitHub (Nov 6, 2023):

Hi! I haven't tried myself to set up Kasm, but let me have a look at your config.

The group membership filter seems to be missing a member={0} (unless it cut in the screenshot?): my understanding is that it returns all the user's groups, so it has to be filtered on a specific user.
If you want to only get users from a specific group, you can add a memberOf=cn=my_group,ou=groups,dc=.. to the search filter (the user search filter).

Now, for the login error: to check if a given user's password is correct, typical LDAP clients will try to log in as that user (and that's the recommended way). That's why you see a login error for the user, and not for the admin.

To better understand what's going on, it would be helpful to provide the full verbose logs (verbose=true in the config or LLDAP_VERBOSE=true in the env): that will include the queries and responses.

@nitnelave commented on GitHub (Nov 6, 2023): Hi! I haven't tried myself to set up Kasm, but let me have a look at your config. The group membership filter seems to be missing a `member={0}` (unless it cut in the screenshot?): my understanding is that it returns all the user's groups, so it has to be filtered on a specific user. If you want to only get users from a specific group, you can add a `memberOf=cn=my_group,ou=groups,dc=..` to the search filter (the user search filter). Now, for the login error: to check if a given user's password is correct, typical LDAP clients will try to log in as that user (and that's the recommended way). That's why you see a login error for the user, and not for the admin. To better understand what's going on, it would be helpful to provide the full verbose logs (`verbose=true` in the config or `LLDAP_VERBOSE=true` in the env): that will include the queries and responses.

kerem commented

2026-02-27 08:16:14 +03:00

Author

Owner

@jakob42 commented on GitHub (Dec 8, 2023):

Works fine for me. My settings:

search filter: (&(objectClass=person)(uid={0})(memberof=cn=kasm,ou=groups,dc=example,dc=com))
group membership filter: (&(member={0})(objectClass=groupOfUniqueNames))

I'll try to submit a pull request with documentation next week.

My problem was I missed the need to add the "domain" to the login. So I need to login with lldapuser@example.com. Otherwise it wont even query the ldap server.

Thanks for this neat software nitnelave!

@jakob42 commented on GitHub (Dec 8, 2023): Works fine for me. My settings: search filter: `(&(objectClass=person)(uid={0})(memberof=cn=kasm,ou=groups,dc=example,dc=com))` group membership filter: `(&(member={0})(objectClass=groupOfUniqueNames))` I'll try to submit a pull request with documentation next week. My problem was I missed the need to add the "domain" to the login. So I need to login with lldapuser@example.com. Otherwise it wont even query the ldap server. Thanks for this neat software nitnelave!

kerem commented

2026-02-27 08:16:14 +03:00

Author

Owner

@jakob42 commented on GitHub (Jan 2, 2024):

I guess we can close this? There is documentation now

@jakob42 commented on GitHub (Jan 2, 2024): I guess we can close this? There is documentation now