¶ Authorization servers (external database)
Authorization servers are used to collect information and verify credentials. They record the paths to all users, servers, and resources of the composite network. Thanks to them, you can easily manage the user base and their access to services and applications. Integration of the NACVIEW system with authorization servers will allow them to be used as a source of information. If the user is not created locally, the information about him must be retrieved from the outside - by synchronization with databases. Authorization servers in NACVIEW are divided into three different types: for synchronizing administrative accounts, identities, and end devices.
¶ How do I set up an authorization server? Follow a few easy steps.
-
After logging in to the NACVIEW system, click on the Menu button located on the top bar of the website.
-
From the expanded list, select Authorization servers from the Configuration section.
-
Press the +Create new button.
-
Fill in the form for creating a new service: enter the name of the server, select the purpose of the authorization server and the type of authorization. If the authorization type is an external database, you must specify its driver. The following database drivers are available in NACVIEW: MySQL PDO, MySQL PDO Drizzle, MySQLi, Oracle OCI8, PostgreSQL, ODBC and SqlSrv.
- Click +More options at the bottom of the form to expand the remaining fields. Complement them with the values of your choice.
- In the case of identity synchronization, additional fields are available. Click +More action to expand them and complete them as you wish.
-
Save the set values.
-
Find the server you just added in the list (by default it should appear at the end of the list) and double-click on the newly added row. A window should appear on the right. If you want to set the association with external groups and/or the association with external object groups, click more button and select Import settings, enter the appropriate data and save. If you want to request the download of new objects, click Synchronize.
By default, the system synchronizes objects once a day during night hours.
Object groups that are synchronized during import have greater rights than local object groups. For example, if you add an identity locally to object groups A, B, and C, and synchronization is set to group C, the system removes the identity from group A and B and leaves it in C. If you don't specify any associated object groups during import, then nothing will change with local groups.
¶ Example view for MySQL to synchronize database objects:
CREATE TABLE ext_network_account (
id int(11) NOT NULL AUTO_INCREMENT,
name varchar(255) COLLATE utf8_unicode_ci NOT NULL,
surname varchar(255) COLLATE utf8_unicode_ci NOT NULL,
email varchar(255) COLLATE utf8_unicode_ci NOT NULL,
login varchar(255) COLLATE utf8_unicode_ci NOT NULL,
password varchar(128) COLLATE utf8_unicode_ci DEFAULT NULL,
phone varchar(128) COLLATE utf8_unicode_ci DEFAULT NULL,
secondLogin varchar(255) COLLATE utf8_unicode_ci DEFAULT NULL,
isEnabled tinyint(1) NOT NULL,
externalId varchar(255) COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (id)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
CREATE TABLE ext_network_account_unit (
networkAccountId int(11) NOT NULL,
unitId int(11) NOT NULL,
PRIMARY KEY (networkAccountId,unitId),
KEY IDX_355A5C91632C4FBA (networkAccountId),
KEY IDX_355A5C91B29DDDF5 (unitId),
CONSTRAINT FK_355A5C91632C4FBA FOREIGN KEY (networkAccountId) REFERENCES ext_network_account (id) ON DELETE CASCADE,
CONSTRAINT FK_355A5C91B29DDDF5 FOREIGN KEY (unitId) REFERENCES ext_unit (id) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
CREATE TABLE ext_unit (
id int(11) NOT NULL AUTO_INCREMENT,
name varchar(255) COLLATE utf8_unicode_ci NOT NULL,
symbol varchar(255) COLLATE utf8_unicode_ci NOT NULL,
description text COLLATE utf8_unicode_ci NOT NULL,
isEnabled tinyint(1) NOT NULL,
parentUnitId int(11) DEFAULT NULL,
PRIMARY KEY (id)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
CREATE TABLE ext_user (
id int(11) NOT NULL AUTO_INCREMENT,
name varchar(255) COLLATE utf8_unicode_ci NOT NULL,
surname varchar(255) COLLATE utf8_unicode_ci NOT NULL,
email varchar(255) COLLATE utf8_unicode_ci NOT NULL,
login varchar(255) COLLATE utf8_unicode_ci NOT NULL,
isEnabled tinyint(1) NOT NULL,
PRIMARY KEY (id)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
CREATE TABLE ext_personal_device (
id int(11) NOT NULL AUTO_INCREMENT,
name varchar(255) COLLATE utf8_unicode_ci NOT NULL,
alternativeName varchar(255) COLLATE utf8_unicode_ci NOT NULL,
inventoryNumber varchar(255) COLLATE utf8_unicode_ci NOT NULL,
isEnabled tinyint(1) NOT NULL,
type varchar(255) COLLATE utf8_unicode_ci NOT NULL,
mac1 varchar(128) COLLATE utf8_unicode_ci DEFAULT NULL,
wifi1 tinyint(1) NOT NULL,
defaultip1 varchar(255) COLLATE utf8_unicode_ci NOT NULL,
mac2 varchar(128) COLLATE utf8_unicode_ci DEFAULT NULL,
wifi2 tinyint(1) NOT NULL,
defaultip2 varchar(255) COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (id)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
¶ Example view for MSSQL to synchronize database objects:
CREATE TABLE [dbo].[ext_network_account](
[id] [smallint] NOT NULL,
[name] [nchar](255) NULL,
[surname] [nchar](255) NULL,
[email] [nchar](255) NOT NULL,
[login] [nchar](255) NOT NULL,
[password] [nchar](128) NOT NULL,
[phone] [nchar](128) NULL,
[secondLogin] [nchar](255) NULL,
[isEnabled] [smallint] NOT NULL,
[externalId] [nchar](255) NOT NULL
) ON [PRIMARY]
GO
CREATE TABLE [dbo].[ext_network_account_unit](
[networkAccountId] [smallint] NOT NULL,
[unitId] [smallint] NOT NULL
) ON [PRIMARY]
GO
CREATE TABLE [dbo].[ext_personal_device](
[id] [smallint] NOT NULL,
[name] [nchar](255) NOT NULL,
[alternativeName] [nchar](255) NULL,
[inventoryNumber] [nchar](255) NOT NULL,
[isEnabled] [smallint] NOT NULL,
[type] [nchar](255) NOT NULL,
[mac1] [nchar](128) NULL,
[wifi1] [smallint] NULL,
[defaultip1] [nchar](255) NULL,
[mac2] [nchar](128) NULL,
[wifi2] [smallint] NULL,
[defaultip2] [nchar](255) NULL
) ON [PRIMARY]
GO
CREATE TABLE [dbo].[ext_unit](
[id] [smallint] NOT NULL,
[name] [nchar](255) NOT NULL,
[symbol] [nchar](255) NULL,
[description] [nchar](255) NULL,
[isEnabled] [smallint] NOT NULL,
[parentUnitId] [smallint] NULL
) ON [PRIMARY]
GO
CREATE TABLE [dbo].[ext_user](
[id] [smallint] NOT NULL,
[name] [nchar](255) NOT NULL,
[surname] [nchar](255) NOT NULL,
[email] [nchar](255) NOT NULL,
[login] [nchar](255) NOT NULL,
[isEnabled] [smallint] NOT NULL
) ON [PRIMARY]
GO
¶ Example view for PostgreSQL to synchronize database objects:
-- ----------------------------
-- Table structure for ext_network_account
-- ----------------------------
DROP TABLE IF EXISTS "public"."ext_network_account";
CREATE TABLE "public"."ext_network_account" (
"id" int4 NOT NULL,
"name" varchar(255) COLLATE "pg_catalog"."default",
"surname" varchar(255) COLLATE "pg_catalog"."default",
"email" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
"login" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
"password" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
"phone" varchar(255) COLLATE "pg_catalog"."default",
"secondlogin" varchar(255) COLLATE "pg_catalog"."default",
"isenabled" int2 NOT NULL,
"externalid" varchar(255) COLLATE "pg_catalog"."default" NOT NULL
)
;
-- ----------------------------
-- Table structure for ext_network_account_unit
-- ----------------------------
DROP TABLE IF EXISTS "public"."ext_network_account_unit";
CREATE TABLE "public"."ext_network_account_unit" (
"networkaccountid" int4 NOT NULL,
"unitid" int4 NOT NULL
)
;
-- ----------------------------
-- Table structure for ext_personal_device
-- ----------------------------
DROP TABLE IF EXISTS "public"."ext_personal_device";
CREATE TABLE "public"."ext_personal_device" (
"id" int4 NOT NULL,
"name" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
"alternativename" varchar(255) COLLATE "pg_catalog"."default",
"inventorynumber" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
"isenabled" int2 NOT NULL,
"type" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
"mac1" varchar(255) COLLATE "pg_catalog"."default",
"wifi1" int2,
"defaultip1" varchar(255) COLLATE "pg_catalog"."default",
"mac2" varchar(255) COLLATE "pg_catalog"."default",
"wifi2" int2,
"defaultip2" varchar(255) COLLATE "pg_catalog"."default"
)
;
-- ----------------------------
-- Table structure for ext_unit
-- ----------------------------
DROP TABLE IF EXISTS "public"."ext_unit";
CREATE TABLE "public"."ext_unit" (
"id" int4 NOT NULL,
"name" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
"symbol" varchar(255) COLLATE "pg_catalog"."default",
"description" varchar(255) COLLATE "pg_catalog"."default",
"isenabled" int2 NOT NULL,
"parentunitid" int4
)
;
-- ----------------------------
-- Table structure for ext_user
-- ----------------------------
DROP TABLE IF EXISTS "public"."ext_user";
CREATE TABLE "public"."ext_user" (
"id" int4 NOT NULL,
"name" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
"surname" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
"email" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
"login" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
"isenabled" int2 NOT NULL
)
;
-- ----------------------------
-- Primary Key structure for table ext_network_account
-- ----------------------------
ALTER TABLE "public"."ext_network_account" ADD CONSTRAINT "ext_network_account_pkey" PRIMARY KEY ("id");
-- ----------------------------
-- Primary Key structure for table ext_personal_device
-- ----------------------------
ALTER TABLE "public"."ext_personal_device" ADD CONSTRAINT "ext_personal_device_pkey" PRIMARY KEY ("id");
-- ----------------------------
-- Primary Key structure for table ext_unit
-- ----------------------------
ALTER TABLE "public"."ext_unit" ADD CONSTRAINT "ext_unit_pkey" PRIMARY KEY ("id");
-- ----------------------------
-- Primary Key structure for table ext_user
-- ----------------------------
ALTER TABLE "public"."ext_user" ADD CONSTRAINT "ext_user_pkey" PRIMARY KEY ("id");
¶ Example view for Oracle DB to synchronize database objects:
id NUMBER GENERATED BY DEFAULT ON NULL AS IDENTITY PRIMARY KEY,
name NVARCHAR2(255),
surname NVARCHAR2(255),
email NVARCHAR2(255),
login NVARCHAR2(255) NOT NULL,
password NVARCHAR2(128),
phone NVARCHAR2(128),
secondLogin NVARCHAR2(255),
isEnabled NUMBER(1) NOT NULL,
externalId NVARCHAR2(255) NOT NULL
);
CREATE TABLE ext_network_account_unit (
networkAccountId NUMBER NOT NULL,
unitId NUMBER NOT NULL,
PRIMARY KEY (networkAccountId, unitId)
);
CREATE TABLE ext_unit (
id NUMBER GENERATED BY DEFAULT ON NULL AS IDENTITY PRIMARY KEY,
name NVARCHAR2(255) NOT NULL,
symbol NVARCHAR2(255) NOT NULL,
description CLOB,
isEnabled NUMBER(1) NOT NULL,
parentUnitId NUMBER
);
CREATE TABLE ext_user (
id NUMBER GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
name NVARCHAR2(255) NOT NULL,
surname NVARCHAR2(255) NOT NULL,
email NVARCHAR2(255) NOT NULL,
login NVARCHAR2(255) NOT NULL,
isEnabled NUMBER(1) NOT NULL
);
CREATE TABLE ext_personal_device (
id NUMBER GENERATED BY DEFAULT ON NULL AS IDENTITY PRIMARY KEY,
name NVARCHAR2(255) NOT NULL,
alternativeName NVARCHAR2(255) NOT NULL,
inventoryNumber NVARCHAR2(255) NOT NULL,
isEnabled NUMBER(1) NOT NULL,
type NVARCHAR2(255) NOT NULL,
mac1 NVARCHAR2(128),
wifi1 NUMBER(1) NOT NULL,
defaultip1 NVARCHAR2(255) NOT NULL,
mac2 NVARCHAR2(128),
wifi2 NUMBER(1) NOT NULL,
defaultip2 NVARCHAR2(255) NOT NULL
);
¶ The password field formats
The password field can take a variety of formats, such as:
Plain text,
MD5 – {MD5}51abb9636078defbf888d8457a7c76f85c8f114c,
SHA-1 – {SHA}51abb9636078defbf888d8457a7c76f85c8f114c,
SHA-2 – {SHA2}51abb9636078defbf888d8457a7c76f85c8f114c,
SHA-256 – {SHA256}51abb9636078defbf888d8457a7c76f85c8f114c,
SSHA – {SSHA}51abb9636078defbf888d8457a7c76f85c8f114c,
SSHA-512 – {SSHA512}51abb9636078defbf888d8457a7c76f85c8f114c,
CRYPT – {CRYPT}51abb9636078defbf888d8457a7c76f85c8f114c,
NT-HASH – {NT}51abb9636078defbf888d8457a7c76f85c8f114c.