Opmantek VM Passwords

If you are using the Opmantek Virtual Appliance, you can find more default credential information at Default Credentials (Passwords) for NMIS8 VM

Open-AudIT Enterprise web logon (pre 5.0.0)

Enterprise and Professional can use various methods for authentication. However, regardless of authentication, your user must exist within Open-AudIT in order to receive authorisation. The simplest method is to simple create your user in the Open-AudIT web GUI and ensure "openaudit" is listed as an acceptable method in /omk/conf/opCommon.nmis. The installer will do this for you. See below (Open-AudIT web logon).

The below is only relevant if you wish to use htpasswd based authentication. You will still require Open-AudIT to contain the user, this will be used for authorisation.

These passwords are stored in the /usr/local/omk/conf/users.dat or c:\omk\conf\users.dat file.

They can be changed using htpasswd - IE, "htpasswd -d /usr/local/omk/conf/users.dat admin" and typing the new password. Please note that before release 1.4.0 of Open-AudIT Enterprise only the 'crypt' password hashing  method is supported (hence the -d option in the example above). Starting with that version both password hashing methods 'crypt' and 'md5' can be used.

The default credentials are:

admin : password

Open-AudIT web logon

These passwords are stored in the Open-AudIT database and can be changed by logging into Open-AudIT as an admin level user and going to Menu -> Manage -> Users -> List Users and selecting the user to edit.

admin : password (default user)

Open-AudIT Enterprise user (pre 5.0.0)

This user is used by Open-AudIT Enterprise to log on to Open-AudIT and generate scheduled reports, retrieve dashboard data, etc. This user will not work in the web interface of Open-AudIT Enterprise. This user should have at least 'view' access on the All Devices Group. It does not need admin or sam (Software Asset Management) access, but for completeness - using Discovery, setting config values and so on, it should be an Admin level user within Open-AudIT.

In Open-AudIT Enterprise it is stored in the file omk/conf/opCommon.nmis

In Open-AudIT it is stored in the database can can be edited like any other user via the web interface.

open-audit_enterprise : openaudit1234567890 (used by the Open-AudIT Enterprise dashboard)

Open-AudIT MySQL user

This password is stored in the file (pre 5.0.0) open-audit/code_igniter/application/config/database.php

For 5.0.0 onwards it is open-audit/app/Config/Database.json

openaudit : openauditpassword

Open-AudIT root MySQL user

This password is not stored. It is only used to setup the initial Open-AudIT database and can be changed directly in MySQL. It is only set if it does not already exist.

root : openauditrootuserpassword 

Default encryption key

Open-AudIT stores the device credentials in it's database. It must store them in a reversible format in order to use them (to connect to the target devices). See Storing Credentials (encryption) in Open-AudIT.

They are encrypted using a key which is found in (pre 5.0.0) /open-audit/code_igniter/application/config/config.php.

The variable used is $config['encryption_key'] which by default is set to 'open-audit'.

And for 5.0.0 onwards it is in /open-audit/app/Config/Encryption.php

The variable used is $key which by default is set to 'open-audit'.

NOTE - If you change this key after you have created some credentials, those credentials will be unusable (they will not be able to be decrypted). You should first export them, delete them, change the encryption key, then import them.