Open-AudIT
https://www.open-audit.org/phpBB3/

[SOLVED] Login LDAP user as admin right
https://www.open-audit.org/phpBB3/viewtopic.php?f=20&t=6280
Page 1 of 1

Author:  sccuser [ Mon Feb 24, 2014 8:02 pm ]
Post subject:  [SOLVED] Login LDAP user as admin right

Dear forum,

I have had tried to config LDAP authentication and it worked perfectly fine, excepts all LDAP users just only be logged in as a 'Normal User'.
How can I configure a specific LDAP user that possible be logged in as administrator?

Thanks!

[img]http://upfree.ssc.vn/images/6752014_02_24_163606.png[/img]

[img]http://upfree.ssc.vn/images/3662014_02_24_163627.png[/img]

Author:  jpa [ Tue Feb 25, 2014 2:38 am ]
Post subject:  Re: Login LDAP user as admin right

This is the previous version of OpenAudit which is no longer supported. The current version of OpenAudit is a complete rewrite. If you're just starting out I would not use the old version and instead grab the [url=http://www.open-audit.org/downloads.php]latest from the Open-Audit downloads page[/url].

If you're set on using the old version you'll need to set the admin_list and user_list config as needed in include_config.php.

Author:  sccuser [ Tue Feb 25, 2014 2:18 pm ]
Post subject:  Re: Login LDAP user as admin right

Hello jpa,

I'm using the following version on CentOS 6.5 minimal
http://sourceforge.net/code-snapshots/s ... -trunk.zip

then believe that's indeed a newest OA version, do I miss something?

Back to your suggestions, it still not working as expect. Any other clues?

[img]http://upfree.ssc.vn/images/5902014_02_25_111705.png[/img]

Author:  Mark [ Tue Feb 25, 2014 3:57 pm ]
Post subject:  Re: Login LDAP user as admin right

In short - no, that's a years old version you have that's not supported any more.
Do not download from SourceForge, download from [url]http://www.open-audit.org/downloads.php[/url]
There are downloads available for Windows and Linux.

FYI - The last commit to the SourceForge SVN was on 2011-11-24 and before that was on 2010-09-23.
I released version 1.2 onto [url]http://www.open-audit.org/downloads.php[/url] on Friday :-)

Author:  sccuser [ Tue Feb 25, 2014 5:51 pm ]
Post subject:  Re: Login LDAP user as admin right

Hello Mark,

Thanks a lot for your info :)

Cuong

Author:  sccuser [ Wed Feb 26, 2014 2:30 pm ]
Post subject:  Re: Login LDAP user as admin right

Hello jpa/Mark,

Sorry if spamming here but with latest version I don't see any LDAP configuration settings in the front-end GUI.
Could you please help me.

Thanks!
Cuong

Author:  Mark [ Wed Feb 26, 2014 4:15 pm ]
Post subject:  Re: Login LDAP user as admin right

Menu -> Admin -> Config.
You need to update the ad_domain and ad_server fields.

Author:  sccuser [ Wed Feb 26, 2014 5:58 pm ]
Post subject:  Re: Login LDAP user as admin right

Hello Mark,

Done for adding both ad_domain and ad_server, but not sure how to do next?

1. go head to create a local user with the username (without password) must match with a certain ldap user, for an example: abc.xyz@company.com, then logout/login again using abc.xyz@company.com + its ldap password?
2. or let me know somewhere to input bind user/pass to ldap authen?
3. or anything else need to approach my goals?

Thanks!

Author:  Mark [ Thu Feb 27, 2014 9:01 am ]
Post subject:  Re: Login LDAP user as admin right

When you enable those ad attributes ANY user that logs in will have their username and provided password verified against AD.
If it works, they log in.
If it doesn't work it is validated against the Open-AudIT username and password in the database.
If that works, they log in.
If not, no login.

No need to use an additional bind to AD setup. We simply try to bind using the user credentials. We have the IP (or name) of a domain controller. We have a domain name. We have a username and password. That's all we need. For a username you just need the actual username. No need to user@domain - we already have the domain.

Author:  jpa [ Thu Feb 27, 2014 9:32 am ]
Post subject:  Re: Login LDAP user as admin right

[quote="Mark"]If it doesn't work it is validated against the Open-AudIT username and password in the database.And this means that you should use a good random password when creating Open Audit accounts even if you're using ldap.

Author:  sccuser [ Thu Feb 27, 2014 11:41 am ]
Post subject:  Re: Login LDAP user as admin right

Dear Mark/jpa,

Very much appreciated, it's working perfectly fine :)
Thanks a lot!

Cuong

Page 1 of 1 All times are UTC + 10 hours
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/