Versions Compared

Old Version 34

changes.mady.by.user Krishna Devaraya

Saved on

compared with

New Version 35

changes.mady.by.user Krishna Devaraya

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

KeyDescriptionExampleComment
auth_ms_ldaps_server MS-LDAPS Server Namehost[:port]No defaults. Entry must be created.

auth_ms_ldap_acc

Account Name


The MS-LDAP Distinguished Name (DN)/account to bind with

auth_ms_ldap_psw

Account Password
The password associated with the above MS-LDAP account. The entry must be created.
auth_ms_ldap_base Base Contextdc=corp,dc=opmantek,dc=comBase context to search from.

auth_ms_ldap_attr

MS-LDAP AttributessAMAccountNameThe MS-LDAP attribute(s) to match to username. 
auth_ms_ldap_group Checks if the user logging in is associated with the defined group.Sales, SNMPSIM, GPON

 Must follow: CN=OMK Ops,CN=Users,DC=opmantek,DC=local


novell-ldap

-- Deprecated --

apache

Apache will perform authentication and provide an authenticated user to Opmantek , which will have products with all the authorisation policies applied.

...

KeyDescriptionExampleComment
auth_cw_server IP address of the ConnectWise Server1.2.3.4No defaults. Entry must be created.

auth_cw_company_id

The company name in ConnectWise

COMPANYauth_cw_public_keyThe ConnectWise Public KeyxxxxxxXXXXXxxxxxauth_cw_private_keyThe Private Key associated with the above Public KeyyyyyyYYYYYyyyyy

crowd

openaudit

must be created.

auth_cw_company_id

The company name in ConnectWise

COMPANY
auth_cw_public_keyThe ConnectWise Public KeyxxxxxxXXXXXxxxxx
auth_cw_private_keyThe Private Key associated with the above Public KeyyyyyyYYYYYyyyyy

crowd

The Opmantek products will use the Atlassian Crowd authentication. Use Crowd to assign additional groups to a user and define each service that requires authentication as an application in Crowd.

Following are the configuration items in opCommon.json:

KeyDescriptionExampleComment
usernameUser name username
passwordPasswordpassword
nameremote addressremote_address
value
127.0.0.1

openaudit

Open-AudIT can use Active Directory and/or OpenLDAP for user authentication and/or authorisation. Open-AudIT will query both types of LDAP servers to validate a user's username and password and retrieve the user details (roles and orgs the user has access to). The user will be automatically created when they are authenticated.

openid_connect

Opmantek products use OKTA's OpenID Connect for authentication. In the authentication > auth_method_1 entry of opCommon.json, use the openid_connect. For more information, see OKTA OpenID authentication.

Following are the configuration items in opCommon.json:

KeyDescriptionExampleComment
typeAuthentication typeoktaThe authentication type shall be "okta".
urlURL for your subdomainhttps://YOUR_SUBDOMAIN.okta.com/oauth2/default/v1/tokenReplace only the text in red with your subdomain name.
passwordPasswordpasswordThe password shall remain "password", since the Opmantek's internal password field is mapped to the one returned by the OKTA service.
usernameUser name usernameThe user name shall remain  "username", since the Opmantek's internal username field is mapped to the one returned by the OKTA service.
client_idThe user's client ID
Enter the user's client ID.
client_secretThe user's client secret
Enter the user's client secret.
grant_type
password

This grant type shall be "password".

scope
openidThe scope shall be "openid".

...

KeyDescriptionExampleComment
auth_radius_server The Radius Server Namehost:portNo defaults. Entry must be created.

auth_radius_secret

Also known as the Key

secret

...


tacacs

The Opmantek products will use the configured TACACS+ server (for example, Cisco ACS).

...

The Opmantek products support a new authentication method called token, which offers delegated authentication. This enables an external party to pre-authenticate a user, who can access the Opmantek products without having to log in with username and password.

...