Versions Compared

Old Version 10

changes.mady.by.user Mark Unwin

Saved on

compared with

New Version 11

changes.mady.by.user Andres Araya

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Examples:

If you need to configure OpenLDAP access for your users and a given users access DN is normally uid=username@domain,cn=People,dc=your,dc=domain,dc=com then you should set base_dn to dc=your,dc=domain,dc=com and user_dn to uid=@username@@domain,cn=People. The special words @username and @domain will be replaced by the login details provided by your user on the login page.

If you need to configure Active Directory access, you can usually use the example of cn=Users,dc=your,dc=domain,dc=com for your base_dn. here is no need to set user_dn.

These are only examples. You may need to ajust adjust these attributes to suit your particular LDAP.

...

If you are using Open-AudIT Professional or Enterprise and you enable LDAP and you wish for user accounts to be automaticallly automatically created at logon, you must edit the (text) file:

...

A LDAP Server can be created using the web interface if a user has a role that contains the ldap_servers::create permission. Go to menu: Admin -> Ldap Servers-> Create Ldap Server. There is also a create button on the collection page.


 Image Added


Image RemovedImage Added

 

Image Removed

View a LDAP Server Details

...

You can also edit or delete the entry.

 


Image RemovedImage Added

 


Database Schema

The schema for the database is below. It can also be found in the application if the user has database::read permission by going to menu: Manage Admin -> Database -> List DatabaseTables, then clicking on the "ldap_servers" table.

Code Block
languagetext
themeEclipselanguagetext
CREATE TABLE `ldap_servers` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `name` varchar(200) NOT NULL DEFAULT '',
  `org_id` int(10) unsigned NOT NULL DEFAULT '1',
  `description` text NOT NULL,
  `lang` varchar(200) NOT NULL DEFAULT 'en',
  `host` varchar(200) NOT NULL DEFAULT '',
  `port` varchar(200) NOT NULL DEFAULT '385',
  `secure` enum('y','n') NOT NULL DEFAULT 'n',
  `domain` varchar(200) NOT NULL DEFAULT '',
  `type` enum('active directory','openldap') NOT NULL DEFAULT 'active directory',
  `version` int(1) unsigned NOT NULL DEFAULT '3',
  `base_dn` varchar(200) NOT NULL DEFAULT '',
  `user_dn` varchar(200) NOT NULL DEFAULT '',
  `user_membership_attribute` varchar(200) NOT NULL DEFAULT 'memberUid',
  `use_roles` enum('y','n') NOT NULL DEFAULT 'n',
  `dn_account` varchar(200) NOT NULL DEFAULT '',
  `dn_password` varchar(250) NOT NULL DEFAULT '',
  `refresh` int(10) unsigned NOT NULL DEFAULT '24',
  `refreshed` datetime NOT NULL DEFAULT '2000-01-01 00:00:00',
  `edited_by` varchar(200) NOT NULL DEFAULT '',
  `edited_date` datetime NOT NULL DEFAULT '2000-01-01 00:00:00',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=9 DEFAULT CHARSET=utf8;

A typical entry looks as below.

Code Block
languagetext
themeEclipse
languagetext
                       id: 8
                     name: My Business
                   org_id: 1
              description: LDAP
                     lang: en
                     host: 192.168.1.200
                     port: 389
                   secure: y
                   domain: ldap.mybusiness.com
                     type: active directory
                  version: 3
                  base_dn:
                  user_dn:
user_membership_attribute: memberUid
                use_roles: n
               dn_account: nmis
              dn_password: znfN8ixkwOqEmtEaDJocqZ/5hyIQi3Ih2NuJLBt/SAniG5p4uqN4qJbJCsFT1BNIvgWSRR3XBhFqXjf1jCxghg==
                  refresh: 24
                refreshed: 2000-01-01 00:00:00
                edited_by: Open-AudIT Enterprise
              edited_date: 2017-05-22 03:30:39

...

The API routes below are usable from both a JSON Restful API and the web interface. The Web application routes are specifically designed to be called from the web interface (a browser).

API Routes

Request Method
ID
Action
Resulting Function
Permission Required
URL Example
Notes
Example Response
POSTn
 

createldap_servers::create/ldap_serversInsert a new ldap server entry.
 

GETy
 

readldap_servers::read/ldap_servers/{id}Returns a ldap server details.
 

PATCHy
 

updateldap_servers::update/ldap_servers/{id}Update an attribute of a ldap server entry.
 

DELETEy
 

deleteldap_servers::delete/ldap_servers/{id}Delete a ldap server entry.
 

GETn
 

collectionldap_servers::read/ldap_serversReturns a list of ldap servers.
 

POSTnimportimportldap_servers::create/ldap_servers/importImport multiple ldap servers using a CSV.
 

Web Application Routes

Request Method
ID
Action
Resulting Function
Permission Required
URL Example
Notes
GETncreatecreate_formldap_servers::create/ldap_servers/createDisplays a standard web form for submission to POST /ldap_servers.
GETyupdateupdate_formldap_servers::update/ldap_servers/{id}/updateShow the ldap server details with the option to update attributes using PATCH to /ldap_servers/{id}
GETnimportimport_formldap_servers::create/ldap_servers/importDisplays a standard web form for submission to POST /ldap_servers/import.

 

 

...