Overview
Open-AudIT can use Active Directory and/or OpenLDAP for user authentication and authorisation. Open-AudIT will query both types of LDAP servers to validate a user's username and password, then retrieve user details and the list of roles the user has and the orgs a user has access to. Open-AudIT will automatically create the user if they are authenticated and authorized so no manual user setup within Open-AudIT is required - at all!
How To
To enable this, create a new LDAP Server item by going to menu -> Manage -> LDAP Servers -> Create LDAP Servers.
...
The default Open-AudIT groups for LDAP Server authorization are:
Roles Groups
| Code Block |
|---|
+-----------+----------------------------+ | name | ad_group | +-----------+----------------------------+ | admin | open-audit_roles_admin | | org_admin | open-audit_roles_org_admin | | reporter | open-audit_roles_reporter | | user | open-audit_roles_user | +-----------+----------------------------+ |
Orgs Groups
| Code Block |
|---|
+----------------------+--------------------------------------+ | name | ad_group | +----------------------+--------------------------------------+ | Default Organisation | open-audit_orgs_default_organisation | +----------------------+--------------------------------------+ |