From 38c03ddfd7aa404f2970ef0c9b69d3ec16365a76 Mon Sep 17 00:00:00 2001
From: Michael Jumper <mjumper@apache.org>
Date: Fri, 25 Jun 2021 00:32:06 -0700
Subject: [PATCH] GUACAMOLE-996: Use "(objectClass=*)" as default group filter.

---
 .../guacamole/auth/ldap/conf/ConfigurationService.java     | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/ConfigurationService.java b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/ConfigurationService.java
index 5c7747b1d..2071dfa02 100644
--- a/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/ConfigurationService.java
+++ b/extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/ConfigurationService.java
@@ -25,7 +25,6 @@ import java.util.List;
 import org.apache.directory.api.ldap.model.filter.ExprNode;
 import org.apache.directory.api.ldap.model.filter.PresenceNode;
 import org.apache.directory.api.ldap.model.message.AliasDerefMode;
-import org.apache.directory.api.ldap.model.filter.EqualityNode;
 import org.apache.directory.api.ldap.model.name.Dn;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.environment.Environment;
@@ -325,12 +324,12 @@ public class ConfigurationService {
     /**
      * Returns the search filter that should be used when querying the
      * LDAP server for Guacamole groups.  If no filter is specified,
-     * a default of "(objectClass=group)" is returned.
+     * a default of "(objectClass=*)" is used.
      *
      * @return
      *     The search filter that should be used when querying the
      *     LDAP server for groups that are valid in Guacamole, or
-     *     "(objectClass=group)" if not specified.
+     *     "(objectClass=*)" if not specified.
      *
      * @throws GuacamoleException
      *     If guacamole.properties cannot be parsed.
@@ -338,7 +337,7 @@ public class ConfigurationService {
     public ExprNode getGroupSearchFilter() throws GuacamoleException {
         return environment.getProperty(
             LDAPGuacamoleProperties.LDAP_GROUP_SEARCH_FILTER,
-            new EqualityNode("objectClass","group")
+            new PresenceNode("objectClass")
         );
     }