Registrations to Open-AudIT forums are now closed. To ask any new questions please visit Opmantek Community Questions.

Open-AudIT

What's on your network?
It is currently Fri Mar 29, 2024 4:57 am

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 11 posts ] 
Author Message
PostPosted: Mon Feb 24, 2014 8:02 pm 
Offline
Newbie

Joined: Mon Jun 18, 2012 6:26 pm
Posts: 32
Dear forum,

I have had tried to config LDAP authentication and it worked perfectly fine, excepts all LDAP users just only be logged in as a 'Normal User'.
How can I configure a specific LDAP user that possible be logged in as administrator?

Thanks!

[img]http://upfree.ssc.vn/images/6752014_02_24_163606.png[/img]

[img]http://upfree.ssc.vn/images/3662014_02_24_163627.png[/img]


Last edited by sccuser on Thu Feb 27, 2014 4:14 pm, edited 1 time in total.

Top
 Profile  
Reply with quote  
PostPosted: Tue Feb 25, 2014 2:38 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1259
This is the previous version of OpenAudit which is no longer supported. The current version of OpenAudit is a complete rewrite. If you're just starting out I would not use the old version and instead grab the [url=http://www.open-audit.org/downloads.php]latest from the Open-Audit downloads page[/url].

If you're set on using the old version you'll need to set the admin_list and user_list config as needed in include_config.php.


Top
 Profile  
Reply with quote  
PostPosted: Tue Feb 25, 2014 2:18 pm 
Offline
Newbie

Joined: Mon Jun 18, 2012 6:26 pm
Posts: 32
Hello jpa,

I'm using the following version on CentOS 6.5 minimal
http://sourceforge.net/code-snapshots/s ... -trunk.zip

then believe that's indeed a newest OA version, do I miss something?

Back to your suggestions, it still not working as expect. Any other clues?

[img]http://upfree.ssc.vn/images/5902014_02_25_111705.png[/img]


Top
 Profile  
Reply with quote  
PostPosted: Tue Feb 25, 2014 3:57 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
In short - no, that's a years old version you have that's not supported any more.
Do not download from SourceForge, download from [url]http://www.open-audit.org/downloads.php[/url]
There are downloads available for Windows and Linux.

FYI - The last commit to the SourceForge SVN was on 2011-11-24 and before that was on 2010-09-23.
I released version 1.2 onto [url]http://www.open-audit.org/downloads.php[/url] on Friday :-)

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Tue Feb 25, 2014 5:51 pm 
Offline
Newbie

Joined: Mon Jun 18, 2012 6:26 pm
Posts: 32
Hello Mark,

Thanks a lot for your info :)

Cuong


Top
 Profile  
Reply with quote  
PostPosted: Wed Feb 26, 2014 2:30 pm 
Offline
Newbie

Joined: Mon Jun 18, 2012 6:26 pm
Posts: 32
Hello jpa/Mark,

Sorry if spamming here but with latest version I don't see any LDAP configuration settings in the front-end GUI.
Could you please help me.

Thanks!
Cuong


Top
 Profile  
Reply with quote  
PostPosted: Wed Feb 26, 2014 4:15 pm 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
Menu -> Admin -> Config.
You need to update the ad_domain and ad_server fields.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Wed Feb 26, 2014 5:58 pm 
Offline
Newbie

Joined: Mon Jun 18, 2012 6:26 pm
Posts: 32
Hello Mark,

Done for adding both ad_domain and ad_server, but not sure how to do next?

1. go head to create a local user with the username (without password) must match with a certain ldap user, for an example: abc.xyz@company.com, then logout/login again using abc.xyz@company.com + its ldap password?
2. or let me know somewhere to input bind user/pass to ldap authen?
3. or anything else need to approach my goals?

Thanks!


Top
 Profile  
Reply with quote  
PostPosted: Thu Feb 27, 2014 9:01 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1964
Location: Brisbane, Australia
When you enable those ad attributes ANY user that logs in will have their username and provided password verified against AD.
If it works, they log in.
If it doesn't work it is validated against the Open-AudIT username and password in the database.
If that works, they log in.
If not, no login.

No need to use an additional bind to AD setup. We simply try to bind using the user credentials. We have the IP (or name) of a domain controller. We have a domain name. We have a username and password. That's all we need. For a username you just need the actual username. No need to user@domain - we already have the domain.

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Thu Feb 27, 2014 9:32 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1259
[quote="Mark"]If it doesn't work it is validated against the Open-AudIT username and password in the database.
And this means that you should use a good random password when creating Open Audit accounts even if you're using ldap.

Top
 Profile  
Reply with quote  
PostPosted: Thu Feb 27, 2014 11:41 am 
Offline
Newbie

Joined: Mon Jun 18, 2012 6:26 pm
Posts: 32
Dear Mark/jpa,

Very much appreciated, it's working perfectly fine :)
Thanks a lot!

Cuong


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 11 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group