4 answers
- 10-1
Mark,
In this document, How to Enable LDAP Authentication and Authorization for Open-AudIT, does it apply to community edition as well? Is there a particular OU I need to put the open-audit groups in?
Joe
- Mark Unwin
Yes, it applies to both Community and Professional/Enterprise. The groups shouldn't need to be in a particular OU, however, the users must be direct members of those groups (not in another group that is a member of those groups).
Add your comment... - 10-1
The string "Can't contact LDAP server" indicates that your Open-AudIT server cannot talk to the AD server. Maybe a firewall is blocking traffic. Maybe the domain name is incorrect.
Some notes -
- If you have more than one LDAP Server configured in Open-AudIT, you should use username@domain when logging on.
- Is your domain actually named domain.test? This should be the actual name of your domain. Your BaseDN should also reflect this.
- Use Roles should be set to Yes if you wish to have the user roles configured by Active Directory groups.
Another way of testing Open-AudIT can talk to AD is to create a Discovery with the type of Active Directory. When you do this, Open-AudIT will talk to AD and ask for a list of subnets. If this doesn't work, I highly suspect it's not Open-AudIT as such, but either a firewall or AD configuration issue.
Add your comment... - 10-1
I added AD groups described in the documentation but it does not solve my problem. In the log I can see this error :
<summary>Invalid user supplied credentials for LDAP server at 172.16.30.10 or the LDAP server could not be reached, skipping.</summary>
<detail>Can't contact LDAP server</detail>Add your comment... - 10-1
You need your AD users in the correct AD groups. Please check these documentation links.
How to Enable LDAP Authentication and Authorization for Open-AudIT
Add your comment...
I added an LDAP server to use the active directory authentication to login on openaudit 2.0.2 installed on linux.
My configuration is shown in the screenshot and I can't login like domain administrator.
Is it wrong my configuration?
I have to configure something else on open audit / domain controller to use DC authentication?
Thanks