SSO Not showing Devices after set up

Help
1

I have set up SSO with Microsoft and I can log in and that works fine. My problem is that I set my self as an admin and I cannot see any of my devices setting etc. Here is a snip of the config.php. Also where in the world is th “db config” hiding at?

Authentication Model

#$config[‘auth_mechanism’] = “mysql”; # default, other options: ldap, http-auth
#$config[‘http_auth_guest’] = “guest”; # remember to configure this user if you use http-auth
$config[‘auth_mechanism’] = “sso”;
$config[‘sso’][‘mode’] = “env”;
#$config[‘sso’][‘group_strategy’] = “static”;
#$config[‘sso’][‘static_level’] = “10”;
$config[‘sso’][‘create_users’] = true;
$config[‘sso’][‘update_users’] = true;
$config[‘sso’][‘email_attr’] = “mail”;
$config[‘sso’][‘realname_attr’] = “displayName”;
$config[‘sso’][‘descr_attr’] = “unscoped-affiliation”;
$config[‘sso’][‘group_strategy’] = “map”;
$config[‘sso’][‘group_attr’] = “member”;
$config[‘sso’][‘group_level_map’] = [‘librenms-admins’ => 10, ‘librenms-readers’ => 1, ‘librenms-billingcontacts’ => 5];
$config[‘sso’][‘group_delimiter’] = ‘;’;

2

lnms config:get sso or in the webui to show the “db config”
Your users are probably not getting assigned permissions. Check in the users list.

3

So i cannot get into the web gui to show anything due to current permissions. Where is this user list at? Is there one in LibreNMS or are you referring to the Microsoft side? Is there no way to show the DB config in cli? Also do you know how to fully remove SSO?

this config below

Screenshot 2023-08-05 092606
Screenshot 2023-08-05 0926062364×456 35.4 KB

4

If you put the sso configuration in config.php then remove it from there.

Socialite doesn’t set the group level permissions on users, so you either have to update the database tables manually or edit user permissions using the web UI.

Or you could apply this PR Add support for Okta Group claims to set user role by peejaychilds · Pull Request #15020 · librenms/librenms · GitHub and
lnms config:set auth.socialite.default_role admin

5

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.