PenTest.WS Documentation
  • What is PenTest.WS?
    • Tier Comparison
  • Getting Started
    • Dashboard
    • Creating An Engagement
    • Main Window Layout
    • Engagement Console
    • Import Nmap & Masscan XML
    • Port Scan Templates
    • Adding Hosts Manually
    • Adding Ports to Hosts
    • Capturing Credentials
  • Hosts & Services
    • Host Page
    • Port Page
    • Global Service Notes
    • Service Command Library
    • Default Service Checklist
    • Scratchpad Editor
  • People & Events
    • People Hacking
    • Events Timeline
  • Views & Filtering
    • Boards
    • The Matrix
    • Subnetting
  • User Libraries
    • Shells Library
    • General Command Library
    • General Notes Library
    • Bookmark Library
  • Built-In Tools
    • Echo Up
    • CyberChef
    • Venom Builder
  • Search Capabilities
    • CVE DB
    • Exploit-DB
    • Nmap Scripts
    • Metasploit Modules
    • Keyword Search
  • Findings
    • Findings Admin
    • Findings Library
    • Engagement Findings
  • Clients & Reporting
    • Write-Ups
    • Clients Manager
    • Reporting Templates
    • Generating Deliverables
  • Collaboration
    • User Maintenance
    • Shared Engagements
    • Access Control List
  • Automation & Integration
    • API
    • SMTP
  • Authentication
    • Two-Factor Authentication
    • LDAP Authentication
  • Exporting & Importing
    • Export Account Items
    • Import Account Items
    • Export to CSV / JSON
  • Pro Tier
    • Admin Panel
    • Intranet Mode
    • Solo Mode
    • Large Engagement Support
Powered by GitBook
On this page
  • Admin Panel LDAP URL
  • LDAP User Setup
  • Tier Availability
  1. Authentication

LDAP Authentication

PreviousTwo-Factor AuthenticationNextExport Account Items

Last updated 2 years ago

Authentication in Pro Tier can use the Local Strategy where username and passwords are stored in the PenTest.WS database, or authentication can check an LDAP server for password authentication.

Users who are authenticating against LDAP need to have an entry in both the PenTest.WS Pro Tier server's system and the LDAP server. You'll also need to add the user's LDAP distinguished name (DN) to their user profile.

Admin Panel LDAP URL

Example URL: http://localhost:7897/admin

The first step to setup LDAP integration is to enter the LDAP URL in the Intranet Mode Config section of the Admin Panel.

LDAP User Setup

Example URL: http://localhost:7897/admin/user/{user.id}/edit

  1. Edit the user profile of the user you want to enable LDAP authentication

  2. Change the Login Strategy to LDAP

  3. Enter the user's distinguished name (DN)

When the user attempts to login the Pro Tier server application will check their username in the local database to lookup their LDAP DN and then check the password against the LDAP server.

If the user has Two-Factor Authentication enabled they will then be prompted for their one-time password as well.

2FA is always handled locally through PenTest.WS

Tier Availability

LDAP Authentication is available on Pro Tier.

Click

User Maintenance
LDAP URL
User LDAP Setup