...

Open-AudIT can use Active Directory and/or OpenLDAP for user authentication and/or authorisation. Open-AudIT will query both types of LDAP servers to validate a user's username and password, then retrieve user details and the list of roles the user has and the orgs a user has access to. Open-AudIT will automatically create the user if they are authenticated and authorized so no manual user setup within Open-AudIT is required - at all!

...

Roles can only be created and edited if you have an Open-AudIT Enterprise license. For most users, the default set of Roles should be all that is required. And if you think about it, it's more granularity than Open-AudIT has ever had at any time!

Authenticate via LDAP Only

You may wish to have Active Directory or OpenLDAP authenticate your users, but not provide authorization. To do this, make sure "Use LDAP for Authentication" is set to Y and "Use LDAP for Roles" is set to N. The credentials will be validated by LDAP, but you will need to have the user already created and assigned Roles in Open-AudIT.

Enabling for Professional and Enterprise

If you are using Open-AudIT Professional or Enterprise and you enable LDAP and you wish for user accounts to be automatically created at logon, you must edit the (text) file:

Linux – /usr/local/omk/conf/opCommon.nmis

Windows – c:\omk\conf\opCommon.nmis

And ensure that auth_method_1 is set to openaudit.

That's all there is to it. As long as Open-AudIT can talk to an LDAP Server - be it an Active Directory Domain Controller or an OpenLDAP server, your users can use their existing LDAP credentials to logon to Open-AudIT.

...