Open-AudIT

What's on your network?
It is currently Fri Jan 19, 2018 5:54 am

All times are UTC + 10 hours




Post new topic Reply to topic  [ 11 posts ] 
Author Message
PostPosted: Mon Feb 24, 2014 8:02 pm 
Offline
Newbie

Joined: Mon Jun 18, 2012 6:26 pm
Posts: 32
Dear forum,

I have had tried to config LDAP authentication and it worked perfectly fine, excepts all LDAP users just only be logged in as a 'Normal User'.
How can I configure a specific LDAP user that possible be logged in as administrator?

Thanks!

Image

Image


Last edited by sccuser on Thu Feb 27, 2014 4:14 pm, edited 1 time in total.

Top
 Profile  
Reply with quote  
PostPosted: Tue Feb 25, 2014 2:38 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1225
This is the previous version of OpenAudit which is no longer supported. The current version of OpenAudit is a complete rewrite. If you're just starting out I would not use the old version and instead grab the latest from the Open-Audit downloads page.

If you're set on using the old version you'll need to set the admin_list and user_list config as needed in include_config.php.


Top
 Profile  
Reply with quote  
PostPosted: Tue Feb 25, 2014 2:18 pm 
Offline
Newbie

Joined: Mon Jun 18, 2012 6:26 pm
Posts: 32
Hello jpa,

I'm using the following version on CentOS 6.5 minimal
http://sourceforge.net/code-snapshots/s ... -trunk.zip

then believe that's indeed a newest OA version, do I miss something?

Back to your suggestions, it still not working as expect. Any other clues?

Image


Top
 Profile  
Reply with quote  
PostPosted: Tue Feb 25, 2014 3:57 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1933
Location: Brisbane, Australia
In short - no, that's a years old version you have that's not supported any more.
Do not download from SourceForge, download from http://www.open-audit.org/downloads.php
There are downloads available for Windows and Linux.

FYI - The last commit to the SourceForge SVN was on 2011-11-24 and before that was on 2010-09-23.
I released version 1.2 onto http://www.open-audit.org/downloads.php on Friday :-)

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Tue Feb 25, 2014 5:51 pm 
Offline
Newbie

Joined: Mon Jun 18, 2012 6:26 pm
Posts: 32
Hello Mark,

Thanks a lot for your info :)

Cuong


Top
 Profile  
Reply with quote  
PostPosted: Wed Feb 26, 2014 2:30 pm 
Offline
Newbie

Joined: Mon Jun 18, 2012 6:26 pm
Posts: 32
Hello jpa/Mark,

Sorry if spamming here but with latest version I don't see any LDAP configuration settings in the front-end GUI.
Could you please help me.

Thanks!
Cuong


Top
 Profile  
Reply with quote  
PostPosted: Wed Feb 26, 2014 4:15 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1933
Location: Brisbane, Australia
Menu -> Admin -> Config.
You need to update the ad_domain and ad_server fields.

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Wed Feb 26, 2014 5:58 pm 
Offline
Newbie

Joined: Mon Jun 18, 2012 6:26 pm
Posts: 32
Hello Mark,

Done for adding both ad_domain and ad_server, but not sure how to do next?

1. go head to create a local user with the username (without password) must match with a certain ldap user, for an example: abc.xyz@company.com, then logout/login again using abc.xyz@company.com + its ldap password?
2. or let me know somewhere to input bind user/pass to ldap authen?
3. or anything else need to approach my goals?

Thanks!


Top
 Profile  
Reply with quote  
PostPosted: Thu Feb 27, 2014 9:01 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1933
Location: Brisbane, Australia
When you enable those ad attributes ANY user that logs in will have their username and provided password verified against AD.
If it works, they log in.
If it doesn't work it is validated against the Open-AudIT username and password in the database.
If that works, they log in.
If not, no login.

No need to use an additional bind to AD setup. We simply try to bind using the user credentials. We have the IP (or name) of a domain controller. We have a domain name. We have a username and password. That's all we need. For a username you just need the actual username. No need to user@domain - we already have the domain.

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Thu Feb 27, 2014 9:32 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1225
Mark wrote:
If it doesn't work it is validated against the Open-AudIT username and password in the database.
And this means that you should use a good random password when creating Open Audit accounts even if you're using ldap.


Top
 Profile  
Reply with quote  
PostPosted: Thu Feb 27, 2014 11:41 am 
Offline
Newbie

Joined: Mon Jun 18, 2012 6:26 pm
Posts: 32
Dear Mark/jpa,

Very much appreciated, it's working perfectly fine :)
Thanks a lot!

Cuong


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 11 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group