4 answers
- 210
There is a troubleshooting page on the wiki - Troubleshooting LDAP logins
- gigix gigix
Hi my Very Best Friend,
thanks a lot for troubleshooting information
I think I have identified the problem:
logon","fail","User has no roles and no orgs","User lala.lala exists in LDAP (diretto-100) and attempted to logon, but does not belong to any OA groups for Roles or Organisations.", "6631","2020-11-19 17:54:51","1605804891.3855","system","5","notice","13220","","tester31","10.2.5.16","logon","","m_logon::logon","HTTP/1.1 401 Unauthorized","Invalid logon attempt.","Could not authenticate and/or authorise user lala.lala from IP 10.2.5.16"
it appears as if the user is not configured in the openaudit group, but instead it is
su - lala.lala
Last login: Thu Nov 19 11:49:22 CET 2020 on pts/1
-bash-4.2$ id
uid=9874(lala.lala) gid=3020(open-audit_orgs_default_organisation) groups=3020(open-audit_orgs_default_organisation)
I also tried to create the user on openaudit hoping that he would inherit org and groups but nothing
"fail","User has no roles and no orgs","User lala.lala exists in LDAP (diretto-100) and attempted to logon
HELP, I THINK THIS IS A BUG
this is part of the log:
- gigix gigix
User lala.lala
"User has no roles and no orgs": how do I set this?
Add your comment... - 10-1
Is the user in a Role group as well as an Org group? The logs state it is not.
Should likely be a member of:
open-audit_roles_admin
open-audit_roles_org_admin
open-audit_orgs_default_organisation
The user account must be a direct member of these groups, not a member of a group that is a member of these groups.
LDAP search for org open-audit_orgs_default_organisation succeeded, lala.lala is NOT in group.
- gigix gigix
Hi,
First I created a group open-audit_orgs_default_organisation on my LDAP server.
Then I created a user lala.lala on my OpenLDAP server with open-audit_orgs_default_organisation:
This is my login on my openaudit server, switching user from root to lala.lala:
[root@tester31 ~]# su - lala.lala
Last login: Thu Nov 19 18:18:04 CET 2020 on pts/0
-bash-4.2$ id
uid=9874(lala.lala) gid=3020(open-audit_orgs_default_organisation) groups=3020(open-audit_orgs_default_organisation)
-bash-4.2$
What's wrong?
What is the exact LDAP search command that openaudit runs for this search? I want to launch it manually for troubleshooting.
Can you send me a step-by-step how-to with OpenLDAP? All the how-tos on your site are Active Directory based.
Thanks a lot
- Mark Unwin
Should be a member of:
open-audit_roles_admin, open-audit_roles_org_admin, open-audit_orgs_default_organisation
The user account must be a direct member of all of these groups, not a member of a group that is a member of these groups.
- gigix gigix
OK, now my user lala.lala is a member of all of these groups.
But it does not work, with the same error:
reading data","LDAP search for role open-audit_roles_admin succeeded, lala.lala is NOT in group.","(&(cn=open-audit_roles_admin)(memberUid=lala.lala))",
I think the problem is in the ldapsearch, which fails and does not match lala.lala in the
group ( ... lala.lala is NOT in group.","(&(cn=open-audit_roles_admin)(memberUid=lala.lala))")
but lala.lala is in all the groups.
If I use the option USE ROLES = no, everything works fine.
This is my LDAP situation:
# open-audit_roles_admin, Groups, rm.it.noverca.com
dn: cn=open-audit_roles_admin,ou=Groups,dc=rm,dc=it,dc=noverca,dc=com
gidNumber: 3018
description: gruppo admin ldap
objectClass: top
objectClass: groupofuniquenames
objectClass: posixgroup
uniqueMember: uid=luigi.staniscia,ou=People,dc=rm,dc=it,dc=noverca,dc=com
uniqueMember: uid=pippo.pippo,ou=People,dc=rm,dc=it,dc=noverca,dc=com
uniqueMember: uid=lala.lala,ou=People,dc=rm,dc=it,dc=noverca,dc=com
cn: open-audit_roles_admin

# open-audit_orgs_default_organisation, Groups, rm.it.noverca.com
dn: cn=open-audit_orgs_default_organisation,ou=Groups,dc=rm,dc=it,dc=noverca,dc=com
gidNumber: 3020
objectClass: top
objectClass: groupofuniquenames
objectClass: posixgroup
uniqueMember: uid=pippo.pippo,ou=People,dc=rm,dc=it,dc=noverca,dc=com
uniqueMember: uid=nino.nino,ou=People,dc=rm,dc=it,dc=noverca,dc=com
uniqueMember: uid=lala.lala,ou=People,dc=rm,dc=it,dc=noverca,dc=com
uniqueMember: uid=luigi.staniscia,ou=People,dc=rm,dc=it,dc=noverca,dc=com
cn: open-audit_orgs_default_organisation

# open-audit_roles_org_admin, Groups, rm.it.noverca.com
dn: cn=open-audit_roles_org_admin,ou=Groups,dc=rm,dc=it,dc=noverca,dc=com
objectClass: top
objectClass: groupofuniquenames
objectClass: posixgroup
gidNumber: 3021
uniqueMember: uid=lala.lala,ou=People,dc=rm,dc=it,dc=noverca,dc=com
uniqueMember: uid=luigi.staniscia,ou=People,dc=rm,dc=it,dc=noverca,dc=com
cn: open-audit_roles_org_admin
- Mark Unwin
I'm sorry, but I do not know.
I do not have an openLDAP server to test against.
All I can say is that when the code was written, I did have an openLDAP server and it did work.
As a paying customer you would be entitled to a support contract and support assistance.
I'm unsure I can help much more than this.
Add your comment... - 10-1
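Added example, not part of any post in this thread and not Open-AudIT code: a small Python evaluator that runs the filter quoted in the log, (&(cn=<group>)(memberUid=lala.lala)), against the group entries posted above. Those entries list members only as uniqueMember DNs and carry no memberUid attribute, so the logged filter matches nothing. The helper names, the shortened LDIF copy and the case-insensitive comparison are assumptions of this example.

```python
# Group entries copied from the LDIF posted in the thread (two of the three
# groups, attributes and member lists shortened). The second dn is folded the
# way ldapsearch wraps long lines: a continuation line starts with one space.
LDIF = """\
dn: cn=open-audit_roles_admin,ou=Groups,dc=rm,dc=it,dc=noverca,dc=com
objectClass: groupofuniquenames
objectClass: posixgroup
uniqueMember: uid=pippo.pippo,ou=People,dc=rm,dc=it,dc=noverca,dc=com
uniqueMember: uid=lala.lala,ou=People,dc=rm,dc=it,dc=noverca,dc=com
cn: open-audit_roles_admin

dn: cn=open-audit_orgs_default_organisation,ou=Groups,dc=rm,dc=it,dc=noverca,d
 c=com
objectClass: groupofuniquenames
objectClass: posixgroup
uniqueMember: uid=nino.nino,ou=People,dc=rm,dc=it,dc=noverca,dc=com
uniqueMember: uid=lala.lala,ou=People,dc=rm,dc=it,dc=noverca,dc=com
cn: open-audit_orgs_default_organisation
"""

USER_DN = "uid=lala.lala,ou=People,dc=rm,dc=it,dc=noverca,dc=com"


def parse_ldif(text):
    """Parse plain 'attr: value' LDIF into a list of {attr: [values]} dicts."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]              # unfold a continuation line
        else:
            lines.append(raw)
    entries, current = [], None
    for line in lines:
        if not line.strip():
            current = None                    # a blank line ends the entry
            continue
        if line.startswith("#"):
            continue                          # LDIF comment
        attr, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"not an LDIF attribute line: {line!r}")
        if current is None:
            current = {}
            entries.append(current)
        # Attribute names are case-insensitive, so store them lowercased.
        current.setdefault(attr.strip().lower(), []).append(value.strip())
    return entries


def parse_filter(s, pos=0):
    """Parse an LDAP filter built from &, |, ! and equality; return (node, end)."""
    if pos >= len(s) - 1 or s[pos] != "(":
        raise ValueError(f"expected '(' at offset {pos}")
    op = s[pos + 1]
    if op in "&|!":
        pos += 2
        children = []
        while pos < len(s) and s[pos] == "(":
            child, pos = parse_filter(s, pos)
            children.append(child)
        if pos >= len(s) or s[pos] != ")" or not children:
            raise ValueError("malformed compound filter")
        return (op, children), pos + 1
    end = s.index(")", pos)
    attr, sep, value = s[pos + 1:end].partition("=")  # split at the first '='
    if not sep:
        raise ValueError("only equality matches are supported here")
    return ("=", attr.strip().lower(), value), end + 1


def matches(node, entry):
    """True if the entry satisfies the parsed filter node."""
    if node[0] == "&":
        return all(matches(child, entry) for child in node[1])
    if node[0] == "|":
        return any(matches(child, entry) for child in node[1])
    if node[0] == "!":
        return not matches(node[1][0], entry)
    _, attr, value = node
    # Simplification: every attribute is compared case-insensitively.
    # An entry that lacks the attribute can never satisfy an equality test.
    return any(v.casefold() == value.casefold() for v in entry.get(attr, []))


def search(entries, filter_text):
    """Return the DNs of all entries matching filter_text."""
    node, end = parse_filter(filter_text)
    if end != len(filter_text):
        raise ValueError("trailing characters after filter")
    return [e["dn"][0] for e in entries if matches(node, e)]


def logged_filter(group, user):
    """The group filter as it appears in the log lines quoted in the thread."""
    return f"(&(cn={group})(memberUid={user}))"


if __name__ == "__main__":
    groups = parse_ldif(LDIF)
    for cn in ("open-audit_roles_admin", "open-audit_orgs_default_organisation"):
        by_uid = search(groups, logged_filter(cn, "lala.lala"))
        by_dn = search(groups, f"(&(cn={cn})(uniqueMember={USER_DN}))")
        print(cn, "memberUid match:", bool(by_uid), "uniqueMember match:", bool(by_dn))
```

To run the logged filter against the live directory, pass the logged BaseDN and filter to ldapsearch, for example: ldapsearch -x -H ldap://<server> -D <bind DN> -W -b "dc=rm,dc=it,dc=noverca,dc=com" "(&(cn=open-audit_roles_admin)(memberUid=lala.lala))".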
Hi Mark, any idea?
How do I create a user?
I have created my user lala.lala on my OpenLDAP server with an openaudit group. But it does not work.
Must I create an ORGANIZATION on my OpenLDAP server?
`tz`", "6656","2020-11-19 17:55:12","1605804912.0382","system","7","debug","14513","","tester31","10.2.5.16","","","m_configuration::load","success","running sql (0.00046205520629883)","/* m_configuration::load */ SELECT count(*) as device_count FROM `system`",
Hi guys, I have this scenario:
COMMUNITY VERSION
version 3.5.1 of Open-AudIT.
tester31, and it's OS is LinuxCENTOS 7.7.1908
mysqli (version 5.5.65-MariaDB).
Apache/2.4.6 (CentOS) PHP/5.4.16 .
PHP version is 5.4.16
I want to configure the OpenLDAP parameters for user access.
On my LDAP server there is no error:
[18/Nov/2020:15:05:33.229988796 +0100] conn=6304717 fd=270 slot=270 connection from 172.31.11.224 to 172.23.11.100
[18/Nov/2020:15:05:33.230080894 +0100] conn=6304717 op=0 BIND dn="uid=lala.lala,ou=People,dc=rm,dc=it,dc=noverca,dc=com" method=128 version=3
[18/Nov/2020:15:05:33.230461091 +0100] conn=6304717 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lala.lala,ou=people,dc=rm,dc=it,dc=noverca,dc=com"
[18/Nov/2020:15:05:33.242457159 +0100] conn=6304717 op=1 BIND dn="uid=pippo.pippo,ou=People,dc=rm,dc=it,dc=noverca,dc=com" method=128 version=3
[18/Nov/2020:15:05:33.242926563 +0100] conn=6304717 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=pippo.pippo,ou=people,dc=rm,dc=it,dc=noverca,dc=com"
[18/Nov/2020:15:05:33.244269426 +0100] conn=6304717 op=2 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(uid=lala.lala)" attrs=ALL
[18/Nov/2020:15:05:33.245134333 +0100] conn=6304717 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[18/Nov/2020:15:05:33.246544305 +0100] conn=6304717 op=3 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(&(cn=open-audit_roles_admin)(memberUid=lala.lala))" attrs=ALL
[18/Nov/2020:15:05:33.246683740 +0100] conn=6304717 op=3 RESULT err=0 tag=101 nentries=0 etime=0
[18/Nov/2020:15:05:33.247349056 +0100] conn=6304717 op=4 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(&(cn=open-audit_roles_org_admin)(memberUid=lala.lala))" attrs=ALL
[18/Nov/2020:15:05:33.247413431 +0100] conn=6304717 op=4 RESULT err=0 tag=101 nentries=0 etime=0
[18/Nov/2020:15:05:33.248025889 +0100] conn=6304717 op=5 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(&(cn=open-audit_roles_reporter)(memberUid=lala.lala))" attrs=ALL
[18/Nov/2020:15:05:33.248072273 +0100] conn=6304717 op=5 RESULT err=0 tag=101 nentries=0 etime=0
[18/Nov/2020:15:05:33.248750018 +0100] conn=6304717 op=6 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(&(cn=open-audit_roles_user)(memberUid=lala.lala))" attrs=ALL
[18/Nov/2020:15:05:33.248811612 +0100] conn=6304717 op=6 RESULT err=0 tag=101 nentries=0 etime=0
[18/Nov/2020:15:05:33.249559142 +0100] conn=6304717 op=7 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(&(cn=open-audit_roles_collector)(memberUid=lala.lala))" attrs=ALL
[18/Nov/2020:15:05:33.249609554 +0100] conn=6304717 op=7 RESULT err=0 tag=101 nentries=0 etime=0
[18/Nov/2020:15:05:33.250428527 +0100] conn=6304717 op=8 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(&(cn=open-audit_roles_agent)(memberUid=lala.lala))" attrs=ALL
[18/Nov/2020:15:05:33.250475981 +0100] conn=6304717 op=8 RESULT err=0 tag=101 nentries=0 etime=0
[18/Nov/2020:15:05:33.251087611 +0100] conn=6304717 op=9 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(&(cn=open-audit_orgs_default_organisation)(memberUid=lala.lala))" attrs=ALL
[18/Nov/2020:15:05:33.251155655 +0100] conn=6304717 op=9 RESULT err=0 tag=101 nentries=0 etime=0
[18/Nov/2020:15:05:33.251819668 +0100] conn=6304717 op=10 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(&(cn=open-audit_orgs_it)(memberUid=lala.lala))" attrs=ALL
[18/Nov/2020:15:05:33.251887815 +0100] conn=6304717 op=10 RESULT err=0 tag=101 nentries=0 etime=0
[18/Nov/2020:15:05:33.252580601 +0100] conn=6304717 op=11 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(&(cn=open-audit_orgs_netscaperoot)(memberUid=lala.lala))" attrs=ALL
[18/Nov/2020:15:05:33.252630218 +0100] conn=6304717 op=11 RESULT err=0 tag=101 nentries=0 etime=0
[18/Nov/2020:15:05:33.253294172 +0100] conn=6304717 op=12 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(&(cn=open-audit_orgs_people)(memberUid=lala.lala))" attrs=ALL
[18/Nov/2020:15:05:33.253374856 +0100] conn=6304717 op=12 RESULT err=0 tag=101 nentries=0 etime=0
[18/Nov/2020:15:05:33.680853133 +0100] conn=6301957 op=3 UNBIND
[18/Nov/2020:15:05:33.680872187 +0100] conn=6301957 op=3 fd=127 closed - U1
Help me!!!
Do you have an OpenLDAP configuration to show me?
What are the step-by-step settings for OpenLDAP? I searched and found only a guide for Active Directory.
Thanks a lot
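An added example, not part of the original post and not Open-AudIT code: a small parser for access-log lines in the format posted above. It pairs each BIND or SRCH with its RESULT by conn/op and lists the group-membership filters that succeeded but matched no entry. The function names are hypothetical, and the sample is an abridged copy of lines from the post.

```python
import re

# Lines copied from the access log in the post above (abridged).
SAMPLE_LOG = '''
[18/Nov/2020:15:05:33.230080894 +0100] conn=6304717 op=0 BIND dn="uid=lala.lala,ou=People,dc=rm,dc=it,dc=noverca,dc=com" method=128 version=3
[18/Nov/2020:15:05:33.230461091 +0100] conn=6304717 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=lala.lala,ou=people,dc=rm,dc=it,dc=noverca,dc=com"
[18/Nov/2020:15:05:33.244269426 +0100] conn=6304717 op=2 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(uid=lala.lala)" attrs=ALL
[18/Nov/2020:15:05:33.245134333 +0100] conn=6304717 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[18/Nov/2020:15:05:33.246544305 +0100] conn=6304717 op=3 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(&(cn=open-audit_roles_admin)(memberUid=lala.lala))" attrs=ALL
[18/Nov/2020:15:05:33.246683740 +0100] conn=6304717 op=3 RESULT err=0 tag=101 nentries=0 etime=0
[18/Nov/2020:15:05:33.251087611 +0100] conn=6304717 op=9 SRCH base="dc=rm,dc=it,dc=noverca,dc=com" scope=2 filter="(&(cn=open-audit_orgs_default_organisation)(memberUid=lala.lala))" attrs=ALL
[18/Nov/2020:15:05:33.251155655 +0100] conn=6304717 op=9 RESULT err=0 tag=101 nentries=0 etime=0
'''

LINE = re.compile(r'^\[[^\]]+\] conn=(\d+) op=(\d+) (BIND|SRCH|RESULT)\b(.*)$')
GROUP = re.compile(r'^\(&\(cn=([^)]+)\)\(memberUid=([^)]+)\)\)$')

def field(name, text):
    """Return the value of name=value or name="value" in a log line, or None."""
    m = re.search(r'\b' + name + r'=(?:"([^"]*)"|(\S+))', text)
    return (m.group(1) if m.group(1) is not None else m.group(2)) if m else None

def summarize(log_text):
    """Pair each BIND/SRCH with its RESULT by (conn, op)."""
    pending, binds, searches = {}, [], []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # UNBIND, connection open/close, blank lines
        conn, op, kind, rest = m.groups()
        if kind != "RESULT":
            pending[(conn, op)] = (kind, field("dn" if kind == "BIND" else "filter", rest))
            continue
        req_kind, what = pending.pop((conn, op), (None, None))
        err, n = int(field("err", rest)), int(field("nentries", rest))
        if req_kind == "BIND":
            binds.append((what, err))
        elif req_kind == "SRCH":  # a RESULT with no request in the excerpt is skipped
            searches.append((what, err, n))
    return binds, searches

def empty_group_checks(searches):
    """(group, uid) pairs whose membership search succeeded but matched nothing."""
    hits = ((GROUP.match(f or ""), err, n) for f, err, n in searches)
    return [(g.group(1), g.group(2)) for g, err, n in hits if g and err == 0 and n == 0]

if __name__ == "__main__":
    print(empty_group_checks(summarize(SAMPLE_LOG)[1]))
```

On the posted lines this reports a successful bind (err=0) and one entry for `(uid=lala.lala)`, while both group filters return nentries=0. These filters test for a `memberUid` value on the group entry, which a primary group shown by `id` (taken from the user's `gidNumber`) does not by itself provide.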