Hi OpenVAS List,

I'm trying to get Greenbone Security Assistant to accept LDAP authentication using Microsoft AD. I can get ldapsearch to look through the directory and pull back DN information by using the following:

    ldapsearch -x -h 172.19.0.4 -D "joe.mad...@costaina2m2.com" -W -b "ou=AADDC Users,dc=costaina2m2,dc=com" -s sub "(cn=Joe Madden)"

With the account password of joe.mad...@costaina2m2.com

Trying to get OpenVAS to accept joe.mad...@costaina2m2.com is not possible, therefore I suspect we need to use something like this in the LDAP settings:

    userPrincipalName=%s...@costaina2m2.com,ou=AADDC Users,dc=costaina2m2,dc=com

In the log we get:

    gsad vali: DEBUG:2018-08-28 13h09.04 UTC:8933: openvas_validate: matched
    gsad vali: DEBUG:2018-08-28 13h09.04 UTC:8933: openvas_validate: name login value Joe.Madden
    gsad vali: DEBUG:2018-08-28 13h09.04 UTC:8933: matching <^[[:alnum:]-_@.]+$> against <Joe.Madden>:
    gsad vali: DEBUG:2018-08-28 13h09.04 UTC:8933: openvas_validate: matched
    lib serv: DEBUG:2018-08-28 13h09.04 UTC:8933: Connected to server '127.0.0.1' port 9390.
    lib serv: DEBUG:2018-08-28 13h09.04 UTC:8933: Shook hands with server '127.0.0.1' port 9390.
    lib xml: DEBUG:2018-08-28 13h09.04 UTC:8933: asking for 1048576
    lib xml: DEBUG:2018-08-28 13h09.05 UTC:8933: <= <authenticate_response status="500" status_text="Internal error"/>
    gsad base: DEBUG:2018-08-28 13h09.05 UTC:8933: xsl stylesheet: [<login_page><version>7.0.3</version><vendor_version></vendor_version><token></token><http_only>0</http_only><time>Tue Aug 28 13:09:05 2018 UTC</time><message>Login failed.</message><i18n>en_US</i18n><guest><username></username></guest></login_page>]
    gsad base: DEBUG:2018-08-28 13h09.05 UTC:8933: text to transform: [<login_page><version>7.0.3</version><vendor_version></vendor_version><token></token><http_only>0</http_only><time>Tue Aug 28 13:09:05 2018 UTC</time><message>Login failed.</message><i18n>en_US</i18n><guest><username></username></guest></login_page>]
    gsad xslt: DEBUG:2018-08-28 13h09.05 UTC:8933: Registering i18n XSLT module
    gsad main:WARNING:2018-08-28 13h09.05 UTC:8933: Authentication failure for 'Joe.Madden' from 127.0.0.1
    gsad main: DEBUG:2018-08-28 13h09.05 UTC:8933: connectiontype=1

I guess there is something incorrect with the AuthDN. Does anyone have any suggestions on how to get it to work? I've tried the documentation but can't really get any further with it.

Joe.
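Added example (not part of the original post and not OpenVAS code): a small parser for gsad debug lines in the format quoted above. It reports, per login attempt, the user name, the manager's authenticate_response status and the source address, so a status such as "Internal error" is visible next to the "Authentication failure" warning. The sample lines are copied from the post; the function names are hypothetical.

```python
import re

# Sample lines copied from the log quoted in the post above.
SAMPLE = """\
gsad vali: DEBUG:2018-08-28 13h09.04 UTC:8933: openvas_validate: name login value Joe.Madden
lib serv: DEBUG:2018-08-28 13h09.04 UTC:8933: Connected to server '127.0.0.1' port 9390.
lib xml: DEBUG:2018-08-28 13h09.05 UTC:8933: <= <authenticate_response status="500" status_text="Internal error"/>
gsad main:WARNING:2018-08-28 13h09.05 UTC:8933: Authentication failure for 'Joe.Madden' from 127.0.0.1
"""

# "<prog> <module>:<LEVEL>:<date> <HH>h<MM>.<SS> UTC:<pid>: <message>"
LINE = re.compile(r"^(\w+)\s+(\w+):\s*(\w+):(\d{4}-\d{2}-\d{2}) "
                  r"(\d{2})h(\d{2})\.(\d{2}) UTC:(\d+): (.*)$")
LOGIN = re.compile(r"openvas_validate: name login value (\S+)")
RESP = re.compile(r'<authenticate_response status="(\d+)" status_text="([^"]*)"')
FAIL = re.compile(r"Authentication failure for '([^']*)' from (\S+)")


def summarize(text):
    """Return one record per login attempt, correlated by process ID."""
    attempts, current = [], {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # wrapped or unrelated line
        _prog, _mod, _level, date, hh, mm, ss, pid, msg = m.groups()
        if (x := LOGIN.search(msg)):
            # A validated login field starts a new attempt for this PID.
            current[pid] = {"pid": int(pid), "login": x.group(1),
                            "time": f"{date}T{hh}:{mm}:{ss}Z"}
            attempts.append(current[pid])
            continue
        rec = current.get(pid)
        if rec is None:
            continue  # no login seen yet for this PID
        if (x := RESP.search(msg)):
            rec["status"], rec["status_text"] = int(x.group(1)), x.group(2)
        elif (x := FAIL.search(msg)):
            rec["failed"], rec["source"] = True, x.group(2)
    return attempts


def manager_errors(attempts):
    """Attempts where the manager answered with a 5xx status, as in the post."""
    return [a for a in attempts if a.get("status", 0) >= 500]


if __name__ == "__main__":
    for a in summarize(SAMPLE):
        print(a)
```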