Racktables is a mature and robust solution for datacenter and server room asset management. It helps document hardware assets, network addresses, space in racks, networks configuration and more.
To enable Active Directory authentication you need to edit secret.php and add the LDAP option along with the Base DN to search for.
<?php
/* This file has been generated automatically by RackTables installer.
* you shouldn't normally edit it unless your database setup has changed.
*/
$pdo_dsn = 'mysql:host=localhost;dbname=racktables';
$db_username = 'DBusername';
$db_password = 'DBpassword';
// Default setting is to authenticate users locally, but it is possible to
// employ existing LDAP or Apache userbase. Uncommenting below two lines MAY
// help in switching authentication to LDAP completely.
// More info: http://sourceforge.net/apps/mediawiki/racktables/index.php?title=RackTablesAdminGuide
$user_auth_src = 'ldap';
$require_local_account = FALSE;
// This is only necessary for 'ldap' authentication soure
$LDAP_options = array
(
'server' => 'domaincontroller1.domain.com domain.controller2.domain.com',
'domain' => 'domain.com',
'search_attr' => 'sAMAccountName',
'search_dn' => 'OU=Users,OU=MyBusiness,DC=domain,DC=com',
'displayname_attrs' => 'givenname sn',
'options' => array (LDAP_OPT_PROTOCOL_VERSION => 3, LDAP_OPT_REFERRALS => 0),
);
?> |
<?php
/* This file has been generated automatically by RackTables installer.
* you shouldn't normally edit it unless your database setup has changed.
*/
$pdo_dsn = 'mysql:host=localhost;dbname=racktables';
$db_username = 'DBusername';
$db_password = 'DBpassword';
// Default setting is to authenticate users locally, but it is possible to
// employ existing LDAP or Apache userbase. Uncommenting below two lines MAY
// help in switching authentication to LDAP completely.
// More info: http://sourceforge.net/apps/mediawiki/racktables/index.php?title=RackTablesAdminGuide
$user_auth_src = 'ldap';
$require_local_account = FALSE;
// This is only necessary for 'ldap' authentication soure
$LDAP_options = array
(
'server' => 'domaincontroller1.domain.com domain.controller2.domain.com',
'domain' => 'domain.com',
'search_attr' => 'sAMAccountName',
'search_dn' => 'OU=Users,OU=MyBusiness,DC=domain,DC=com',
'displayname_attrs' => 'givenname sn',
'options' => array (LDAP_OPT_PROTOCOL_VERSION => 3, LDAP_OPT_REFERRALS => 0),
);
?>
The important lines to notice are $user_auth_src = ‘ldap’; which states to use ldap as the authentication source and the line – $require_local_account = FALSE; that states that there does not need to be a local user in the database. Our preference was to have this as false and instead let the person access racktables if authenticated. Permissions in racktables then handle what the person can or cant see.
You will also want to run racktables over https if you are using LDAP authentication since the passwords could possibly be sniffed.
Now that you have setup the LDAP authentication you need to go into Configuration then permissions in Racktables and set what you want to access.
If you were to simply want any authenticated user admin access you would simply add the line:
If you were to want a specific user admin access you would add the line:
and finally for a member of a specific group you would use:
You will want to restrict access depending on what group membership a person uses but by having AD authentication means it is simple and quick to grant a user access. Simply put them in the relevant group and they can login straight away.