Hi OpenVAS List,

I'm trying to get Greenbone Security Assistant to accept LDAP authentication 
using Microsoft AD. I can get ldapsearch to look through the directory and pull 
back DN information by using the following:

ldapsearch -x -h 172.19.0.4 -D "joe.mad...@costaina2m2.com" -W -b "ou=AADDC Users,dc=costaina2m2,dc=com" -s sub "(cn=Joe Madden)"

With the account password of joe.mad...@costaina2m2.com

Trying to get OpenVAS to accept joe.mad...@costaina2m2.com is not possible, 
therefore I suspect we need to use something like this in the LDAP settings:

userPrincipalName=%s...@costaina2m2.com,ou=AADDC Users,dc=costaina2m2,dc=com

In the log we get:

gsad vali:  DEBUG:2018-08-28 13h09.04 UTC:8933: openvas_validate: matched
gsad vali:  DEBUG:2018-08-28 13h09.04 UTC:8933: openvas_validate: name login value Joe.Madden
gsad vali:  DEBUG:2018-08-28 13h09.04 UTC:8933: matching <^[[:alnum:]-_@.]+$> against <Joe.Madden>:
gsad vali:  DEBUG:2018-08-28 13h09.04 UTC:8933: openvas_validate: matched
lib  serv:  DEBUG:2018-08-28 13h09.04 UTC:8933:    Connected to server '127.0.0.1' port 9390.
lib  serv:  DEBUG:2018-08-28 13h09.04 UTC:8933:    Shook hands with server '127.0.0.1' port 9390.
lib   xml:  DEBUG:2018-08-28 13h09.04 UTC:8933:    asking for 1048576
lib   xml:  DEBUG:2018-08-28 13h09.05 UTC:8933: <= <authenticate_response status="500" status_text="Internal error"/>
gsad base:  DEBUG:2018-08-28 13h09.05 UTC:8933: xsl stylesheet: [<login_page><version>7.0.3</version><vendor_version></vendor_version><token></token><http_only>0</http_only><time>Tue Aug 28 13:09:05 2018 UTC</time><message>Login failed.</message><i18n>en_US</i18n><guest><username></username></guest></login_page>]
gsad base:  DEBUG:2018-08-28 13h09.05 UTC:8933: text to transform: [<login_page><version>7.0.3</version><vendor_version></vendor_version><token></token><http_only>0</http_only><time>Tue Aug 28 13:09:05 2018 UTC</time><message>Login failed.</message><i18n>en_US</i18n><guest><username></username></guest></login_page>]
gsad xslt:  DEBUG:2018-08-28 13h09.05 UTC:8933: Registering i18n XSLT module
gsad main:WARNING:2018-08-28 13h09.05 UTC:8933: Authentication failure for 'Joe.Madden' from 127.0.0.1
gsad main:  DEBUG:2018-08-28 13h09.05 UTC:8933: connectiontype=1

I guess there is something incorrect with the AuthDN. Does anyone have any 
suggestions on how to get it to work?

I've tried the documentation but can't really get any further with it.

Joe.
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
