Versions Compared

Old Version 10

changes.mady.by.user Christopher Gatlin

Saved on

compared with

New Version 11

changes.mady.by.user Christopher Gatlin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The following table lists OMK configuration options and the type of authentication which it works with.

Info

THESE AUTH METHODS REQUIRE OPTIONAL PERL MODULES

Each of the authentication methods require there own Perl Modules - you can install them with the cpan command and the module name e.g. "cpan Net::LDAP" or you can check if a module is installed with e.g. "cpan -D Net::LDAP"

 

Method
Description
Method
Description
apacheApache will perform authentication and provide an authenticated user to OMK, which will have authorisation policies applied.
ldap

OMK will use the configured LDAP server to perform authentication

Requires Optional Perl Module: Net::LDAP

 Config:
auth_ldap_server => 'host[:port]'
auth_ldap_attr => '' # attributes to match to username, can be blank, then defaults to ('uid','cn')
auth_ldap_context => 'ou=people,dc=opmantek,dc=com', # base of context to attempt to bind to 

ldaps (secure)

OMK will use the configured LDAP server to perform authenticationRequires Optional Perl Modules: IO::Socket::SSL and Net::LDAPS

auth_ldaps_server => 'host[:port]'
auth_ldap_attr => '' # attributes to match to username, can be blank, then defaults to ('uid','cn')
auth_ldap_context => 'ou=people,dc=opmantek,dc=com', # base of context to attempt to bind to 

ms-ldap

OMK will use the configured Microsoft Active Directory (LDAP) server to perform authenticationRequires Optional Perl Module: Net::LDAP

Config:
auth_ms_ldap_server => 'host[:port]'
auth_ms_ldaps_server => 'host[:port]'
auth_ms_ldap_dn_acc => '' # the DN/account to bind with
auth_ms_ldap_dn_psw => 'password'
auth_ms_ldap_attr => 'sAMAccountName', # attribute to match to username
auth_ms_ldap_base => 'dc=corp,dc=opmantek,dc=com' # base to search from

ms-ldaps (secure)

OMK will use the configured Microsoft Active Directory (LDAP) server to perform authentication

Requires Optional Perl Modules: IO::Socket::SSL and Net::LDAPS

Config:
auth_ms_ldaps_server => 'host[:port]'
auth_ms_ldap_dn_acc => '' # the DN/account to bind with
auth_ms_ldap_dn_psw => 'password'
auth_ms_ldap_attr => 'sAMAccountName', # attribute to match to username
auth_ms_ldap_base => 'dc=corp,dc=opmantek,dc=com' # base to search from

radius

OMK will use the configured radius server (Cisco ACS or Steel Belted Radius for example)Requires Optional Perl Modules: Authen::Simple::RADIUS

Config:
auth_radius_server => 'host:port'
auth_radius_secret => 'secret' 

tacacs

OMK will use the configured Tacacs+ server (Cisco ACS for example)Requires Optional Perl Modules: Authen::TacacsPlus

Config:
auth_tacacs_server => 'host:port'
auth_tacacs_secret => 'secret' # Also known as the "Key"

htpasswdOMK will use the users defined in the OMK Users file, by default /usr/local/omk/conf/users.dat

...