We recommend you to secure you OCS Inventory NG Server. Since OCS Inventory NG 2.0, warning message prevents you about a security risk in management console.
You have to remove install.php in ocsreports directory. Generally under linux in
/usr/share/ocsinventory-reports/ocsreports/
By default, an account is created by installation script : admin / admin You have to create your own account with Super Administrator profile, and after that remove default account. An other solution is to change the admin account password.
By default, installation script create a mysql user ocs with password ocs. We recommend you to change minimum the password, but better thing is to create a new mysql user.
Connect to your mysql server
mysql -u root -p
Create a new user: user with password:password with all privileges for ocsweb database.
GRANT ALL PRIVILEGES ON `ocsweb` .* TO 'user'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;
Under Linux, generally in
/usr/share/ocsinventory-reports/ocsreports/
define("DB_NAME", "ocsweb");
define("SERVER_READ", "localhost");
define("SERVER_WRITE", "localhost");
define("COMPTE_BASE", "ocs");
define("PSWD_BASE", "ocs");
Under Linux, generally in
/etc/apache2/conf-available/
# User allowed to connect to database
PerlSetEnv OCS_DB_USER user
# Password for user
PerlSetVar OCS_DB_PWD password
Warning: Don't forget to restart apache. Else, OCS Inventory NG server will return an ERROR 500 to agents which contact it.
Warning: We recommend you to secure your server following preceding paragraphs, but if you want, you can desactivate warning message in GUI
You have to connect to management console, click on User icon, then on Administer profiles tab, and choose the profile to modify.
Click on Rights to manage tab, an set See warning messages of the GUI to NO.
Finally, register modification.
For more informations about users and profile, click here.