Ldap ad authentication levels
Hi,
Is there someone who has the permission levels like 10 for admin working with ad ldap groups?
The ad ldap authentication itself is working for me but I get a screen with 0 devices then.
If it just doesn't work I can stop trying.
Regards,
Frederik Reenders
Hi,
This is correctly documented on the wiki and works as advertised.
http://www.observium.org/wiki/Authentication_configuration_for_Active_Direct...
Tom
On 16/10/2013 21:32, F.Reenders@utwente.nl wrote:
Hi,
Is there someone who has the permission levels like 10 for admin working with ad ldap groups?
The ad ldap authentication itself is working for me but I get a screen with 0 devices then.
If it just doesn't work I can stop trying.
Regards,
Frederik Reenders _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
I tried setting it up by following the wiki and the authenticatie works for me. Only the levels are not working on my system. I must have some problem in my config but cannot find what I'm doing wrong.
If there are people out there who have this working as advertised I know I just have to keep on testing.
Frederik
-----Original Message----- From: observium [mailto:observium-bounces@observium.org] On Behalf Of Tom Laermans Sent: woensdag 16 oktober 2013 21:46 To: Observium Network Observation System Subject: Re: [Observium] Ldap ad authentication levels
Hi,
This is correctly documented on the wiki and works as advertised.
http://www.observium.org/wiki/Authentication_configuration_for_Active_Direct...
Tom
On 16/10/2013 21:32, F.Reenders@utwente.nl wrote:
Hi,
Is there someone who has the permission levels like 10 for admin working with ad ldap groups?
The ad ldap authentication itself is working for me but I get a screen with 0 devices then.
If it just doesn't work I can stop trying.
Regards,
Frederik Reenders _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
_______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
Hi,
if you share your config and the DN of your group this could provide some insight :)
Tom
On 16/10/2013 21:58, F.Reenders@utwente.nl wrote:
I tried setting it up by following the wiki and the authenticatie works for me. Only the levels are not working on my system. I must have some problem in my config but cannot find what I'm doing wrong.
If there are people out there who have this working as advertised I know I just have to keep on testing.
Frederik
-----Original Message----- From: observium [mailto:observium-bounces@observium.org] On Behalf Of Tom Laermans Sent: woensdag 16 oktober 2013 21:46 To: Observium Network Observation System Subject: Re: [Observium] Ldap ad authentication levels
Hi,
This is correctly documented on the wiki and works as advertised.
http://www.observium.org/wiki/Authentication_configuration_for_Active_Direct...
Tom
On 16/10/2013 21:32, F.Reenders@utwente.nl wrote:
Hi,
Is there someone who has the permission levels like 10 for admin working with ad ldap groups?
The ad ldap authentication itself is working for me but I get a screen with 0 devices then.
If it just doesn't work I can stop trying.
Regards,
Frederik Reenders _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
I removed my dc entry's. This is my config:
$config['auth_ldap_group'] = "CN=ICT-Admins-Unix-Observium-Users,OU=Admin Resource Groups,OU=Unix Groups,OU=ICT Management,DC=x,DC=x,DC=x"; $config['auth_ldap_groupbase'] = "OU=Admin Resource Groups,OU=Unix Groups,OU=ICT Management,DC=x,DC=x,DC=x";
$config['auth_ldap_groupmembertype'] = "fulldn"; $config['auth_ldap_groupmemberattr'] = "member";
unset($config['auth_ldap_groups']); $config['auth_ldap_groups']['ICT-Admins-Unix-Observium-Admins']['level'] = 10; #$config['auth_ldap_groups']['ICT-Admins-Unix-Observium-Guests']['level'] = 1;
My account is in both the ICT-Admins-Unix-Observium-Users group and the ICT-Admins-Unix-Observium-Admins group. I still get the level 1 I think because my screen contains 0 devices.
Regards,
Frederik
-----Original Message----- From: observium [mailto:observium-bounces@observium.org] On Behalf Of Tom Laermans Sent: woensdag 16 oktober 2013 22:10 To: Observium Network Observation System Subject: Re: [Observium] Ldap ad authentication levels
Hi,
if you share your config and the DN of your group this could provide some insight :)
Tom
On 16/10/2013 21:58, F.Reenders@utwente.nl wrote:
I tried setting it up by following the wiki and the authenticatie works for me. Only the levels are not working on my system. I must have some problem in my config but cannot find what I'm doing wrong.
If there are people out there who have this working as advertised I know I just have to keep on testing.
Frederik
-----Original Message----- From: observium [mailto:observium-bounces@observium.org] On Behalf Of Tom Laermans Sent: woensdag 16 oktober 2013 21:46 To: Observium Network Observation System Subject: Re: [Observium] Ldap ad authentication levels
Hi,
This is correctly documented on the wiki and works as advertised.
http://www.observium.org/wiki/Authentication_configuration_for_Active_Direct...
Tom
On 16/10/2013 21:32, F.Reenders@utwente.nl wrote:
Hi,
Is there someone who has the permission levels like 10 for admin working with ad ldap groups?
The ad ldap authentication itself is working for me but I get a screen with 0 devices then.
If it just doesn't work I can stop trying.
Regards,
Frederik Reenders _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
_______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
Looks OK at first glance, add /debug to the URL and check in the html source what the LDAP queries are that Observium is doing.
If you add
$config['auth_ldap_groups']['ICT-Admins-Unix-Observium-Users']['level'] = 10;
Do you get level 10?
Tom
On 16/10/2013 22:21, F.Reenders@utwente.nl wrote:
I removed my dc entry's. This is my config:
$config['auth_ldap_group'] = "CN=ICT-Admins-Unix-Observium-Users,OU=Admin Resource Groups,OU=Unix Groups,OU=ICT Management,DC=x,DC=x,DC=x"; $config['auth_ldap_groupbase'] = "OU=Admin Resource Groups,OU=Unix Groups,OU=ICT Management,DC=x,DC=x,DC=x";
$config['auth_ldap_groupmembertype'] = "fulldn"; $config['auth_ldap_groupmemberattr'] = "member";
unset($config['auth_ldap_groups']); $config['auth_ldap_groups']['ICT-Admins-Unix-Observium-Admins']['level'] = 10; #$config['auth_ldap_groups']['ICT-Admins-Unix-Observium-Guests']['level'] = 1;
My account is in both the ICT-Admins-Unix-Observium-Users group and the ICT-Admins-Unix-Observium-Admins group. I still get the level 1 I think because my screen contains 0 devices.
Regards,
Frederik
-----Original Message----- From: observium [mailto:observium-bounces@observium.org] On Behalf Of Tom Laermans Sent: woensdag 16 oktober 2013 22:10 To: Observium Network Observation System Subject: Re: [Observium] Ldap ad authentication levels
Hi,
if you share your config and the DN of your group this could provide some insight :)
Tom
On 16/10/2013 21:58, F.Reenders@utwente.nl wrote:
I tried setting it up by following the wiki and the authenticatie works for me. Only the levels are not working on my system. I must have some problem in my config but cannot find what I'm doing wrong.
If there are people out there who have this working as advertised I know I just have to keep on testing.
Frederik
-----Original Message----- From: observium [mailto:observium-bounces@observium.org] On Behalf Of Tom Laermans Sent: woensdag 16 oktober 2013 21:46 To: Observium Network Observation System Subject: Re: [Observium] Ldap ad authentication levels
Hi,
This is correctly documented on the wiki and works as advertised.
http://www.observium.org/wiki/Authentication_configuration_for_Active_Direct...
Tom
On 16/10/2013 21:32, F.Reenders@utwente.nl wrote:
Hi,
Is there someone who has the permission levels like 10 for admin working with ad ldap groups?
The ad ldap authentication itself is working for me but I get a screen with 0 devices then.
If it just doesn't work I can stop trying.
Regards,
Frederik Reenders _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
Hi Tom,
The /debug is very is nice!
But I don't get a higher userlevel with the config line added to give users level 10. It stays at level 0.
The information seems to match. The user record matches the group members it shows in the debug output. But still level 0.
Regards,
Frederik
-----Original Message----- From: observium [mailto:observium-bounces@observium.org] On Behalf Of Tom Laermans Sent: woensdag 16 oktober 2013 22:38 To: Observium Network Observation System Subject: Re: [Observium] Ldap ad authentication levels
Looks OK at first glance, add /debug to the URL and check in the html source what the LDAP queries are that Observium is doing.
If you add
$config['auth_ldap_groups']['ICT-Admins-Unix-Observium-Users']['level'] = 10;
Do you get level 10?
Tom
On 16/10/2013 22:21, F.Reenders@utwente.nl wrote:
I removed my dc entry's. This is my config:
$config['auth_ldap_group'] = "CN=ICT-Admins-Unix-Observium-Users,OU=Admin Resource Groups,OU=Unix Groups,OU=ICT Management,DC=x,DC=x,DC=x"; $config['auth_ldap_groupbase'] = "OU=Admin Resource Groups,OU=Unix Groups,OU=ICT Management,DC=x,DC=x,DC=x";
$config['auth_ldap_groupmembertype'] = "fulldn"; $config['auth_ldap_groupmemberattr'] = "member";
unset($config['auth_ldap_groups']); $config['auth_ldap_groups']['ICT-Admins-Unix-Observium-Admins']['level'] = 10; #$config['auth_ldap_groups']['ICT-Admins-Unix-Observium-Guests']['level'] = 1;
My account is in both the ICT-Admins-Unix-Observium-Users group and the ICT-Admins-Unix-Observium-Admins group. I still get the level 1 I think because my screen contains 0 devices.
Regards,
Frederik
-----Original Message----- From: observium [mailto:observium-bounces@observium.org] On Behalf Of Tom Laermans Sent: woensdag 16 oktober 2013 22:10 To: Observium Network Observation System Subject: Re: [Observium] Ldap ad authentication levels
Hi,
if you share your config and the DN of your group this could provide some insight :)
Tom
On 16/10/2013 21:58, F.Reenders@utwente.nl wrote:
I tried setting it up by following the wiki and the authenticatie works for me. Only the levels are not working on my system. I must have some problem in my config but cannot find what I'm doing wrong.
If there are people out there who have this working as advertised I know I just have to keep on testing.
Frederik
-----Original Message----- From: observium [mailto:observium-bounces@observium.org] On Behalf Of Tom Laermans Sent: woensdag 16 oktober 2013 21:46 To: Observium Network Observation System Subject: Re: [Observium] Ldap ad authentication levels
Hi,
This is correctly documented on the wiki and works as advertised.
http://www.observium.org/wiki/Authentication_configuration_for_Active_Direct...
Tom
On 16/10/2013 21:32, F.Reenders@utwente.nl wrote:
Hi,
Is there someone who has the permission levels like 10 for admin working with ad ldap groups?
The ad ldap authentication itself is working for me but I get a screen with 0 devices then.
If it just doesn't work I can stop trying.
Regards,
Frederik Reenders _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
_______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
participants (2)
-
F.Reenders@utwente.nl -
Tom Laermans