Nagios Support Forums
Hi!
There is some problem with the escape of symbols in the connection with LDAP/Active Directory. In AD we have an OU with special characters (<>) that we cannot see in the LDAP/Active Directory user add console, it seems that it is not able to read this data:
OU=<GROUPS>
I attach an image of how it appears in the AD user administration.
Is there a way to escape the symbols?
thanks!
Commercial Support Clients: Clients with support contracts can get escalated support assistance by visiting Nagios Answer Hub. These forums are for community support services. Although we at Nagios try our best to help out on the forums here, we always give priority support to our support clients.
Active Directory escape symbols
8 posts
• Page 1 of 1
Active Directory escape symbols
by sasicjcyl » Thu Feb 02, 2023 5:39 am
You do not have the required permissions to view the files attached to this post.
Last edited by sasicjcyl on Tue Feb 07, 2023 3:43 am, edited 1 time in total.
- sasicjcyl
- Posts: 6
- Joined: Thu Feb 02, 2023 4:33 am
Re: Active Directory scape simbols
by kg2857 » Thu Feb 02, 2023 11:52 am
Did you try OU=<\GROUPS\>
Think about searching the internet about your question. It will give you a million possibilities in the blink of an eye.
- kg2857
- Posts: 105
- Joined: Thu Jan 26, 2023 8:47 pm
Re: Active Directory scape simbols
by sasicjcyl » Fri Feb 03, 2023 1:40 am
thanks for your answer!
Yes, I try with:
and putting multiples "\", but the result is the same.
It seems to me that the problem is in the data output page (php) of the LDAP/AD data administration, which does not admit special symbols.
Yes, I try with:
- Code: Select all
OU=<\GROUPS\>
OU=\<GROUPS\>
OU="\<GROUPS\>"
and putting multiples "\", but the result is the same.
It seems to me that the problem is in the data output page (php) of the LDAP/AD data administration, which does not admit special symbols.
- sasicjcyl
- Posts: 6
- Joined: Thu Feb 02, 2023 4:33 am
Re: Active Directory scape simbols
by kg2857 » Fri Feb 03, 2023 2:09 am
Sorry,
I had a typo in my reply but you got it right with OU=\<GROUPS\> to escape the <> chars.
Are you sure <GROUPS> doesn't mean replace that text (<GROUPS>) with a group name? Its very common to mean that--I use it all the time.
If you got to the point where it displays what's in the pic you should be able to dig down and get to the users.
I had a typo in my reply but you got it right with OU=\<GROUPS\> to escape the <> chars.
Are you sure <GROUPS> doesn't mean replace that text (<GROUPS>) with a group name? Its very common to mean that--I use it all the time.
If you got to the point where it displays what's in the pic you should be able to dig down and get to the users.
Think about searching the internet about your question. It will give you a million possibilities in the blink of an eye.
- kg2857
- Posts: 105
- Joined: Thu Jan 26, 2023 8:47 pm
Re: Active Directory scape simbols
by sasicjcyl » Fri Feb 03, 2023 5:42 am
No, the OU name is <GROUPS>. there isn´t a tag.
It is not capable of extracting anything from the tree, not even a single CN, that is why I think that the special characters are not escaped in the output of the PHP script and it is not capable of recognizing the structure.
It is not capable of extracting anything from the tree, not even a single CN, that is why I think that the special characters are not escaped in the output of the PHP script and it is not capable of recognizing the structure.
- sasicjcyl
- Posts: 6
- Joined: Thu Feb 02, 2023 4:33 am
Re: Active Directory scape simbols
by sasicjcyl » Mon Feb 06, 2023 11:22 am
I have attached more information in case it may help:
This is the output in the log /var/log/httpd/ssl_error_log
depending on the DN that I set:
DN = DC=company,DC=red
The data that I have attached in the initial image is shown, where only the branches of the tree that do not hang from <GROUPS> are seen.
<GROUPS> is displayed as \
DN OU=<GROUPS>,DC=company,DC=red
Nothing from the tree content is displayed.
This is the output in the log /var/log/httpd/ssl_error_log
depending on the DN that I set:
DN = DC=company,DC=red
The data that I have attached in the initial image is shown, where only the branches of the tree that do not hang from <GROUPS> are seen.
<GROUPS> is displayed as \
- Code: Select all
[Mon Feb 06 16:33:03.378718 2023] [:error] [pid 16837] [client 10.16.124.103:56180] PHP Notice: Undefined variable: list_html in /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/index.php on line 736, referer: https://nagiospre.ae.company.es/nagiosxi/includes/components/ldap_ad_integration/index.php
DN OU=<GROUPS>,DC=company,DC=red
Nothing from the tree content is displayed.
- Code: Select all
[Mon Feb 06 16:25:03.387814 2023] [:error] [pid 16871] [client 10.16.124.103:55960] PHP Warning: ldap_list(): Search: Invalid DN syntax in /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/adLDAP/src/classes/adLDAPFolders.php on line 156, referer: https://nagiospre.ae.company.es/nagiosxi/includes/components/ldap_ad_integration/index.php
[Mon Feb 06 16:25:03.387866 2023] [:error] [pid 16871] [client 10.16.124.103:55960] PHP Warning: ldap_control_paged_result_response() expects parameter 2 to be resource, boolean given in /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/adLDAP/src/classes/adLDAPFolders.php on line 161, referer: https://nagiospre.ae.company.es/nagiosxi/includes/components/ldap_ad_integration/index.php
[Mon Feb 06 16:25:03.587106 2023] [:error] [pid 16871] [client 10.16.124.103:55960] PHP Warning: ldap_list(): Search: Invalid DN syntax in /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/adLDAP/src/classes/adLDAPFolders.php on line 156, referer: https://nagiospre.ae.company.es/nagiosxi/includes/components/ldap_ad_integration/index.php
[Mon Feb 06 16:25:03.587152 2023] [:error] [pid 16871] [client 10.16.124.103:55960] PHP Warning: ldap_control_paged_result_response() expects parameter 2 to be resource, boolean given in /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/adLDAP/src/classes/adLDAPFolders.php on line 161, referer: https://nagiospre.ae.company.es/nagiosxi/includes/components/ldap_ad_integration/index.php
[Mon Feb 06 16:25:03.784122 2023] [:error] [pid 16871] [client 10.16.124.103:55960] PHP Warning: ldap_list(): Search: Invalid DN syntax in /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/adLDAP/src/classes/adLDAPFolders.php on line 156, referer: https://nagiospre.ae.company.es/nagiosxi/includes/components/ldap_ad_integration/index.php
[Mon Feb 06 16:25:03.784166 2023] [:error] [pid 16871] [client 10.16.124.103:55960] PHP Warning: ldap_control_paged_result_response() expects parameter 2 to be resource, boolean given in /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/adLDAP/src/classes/adLDAPFolders.php on line 161, referer: https://nagiospre.ae.company.es/nagiosxi/includes/components/ldap_ad_integration/index.php
[Mon Feb 06 16:25:03.786384 2023] [:error] [pid 16871] [client 10.16.124.103:55960] PHP Notice: Undefined variable: list_html in /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/index.php on line 736, referer: https://nagiospre.ae.company.es/nagiosxi/includes/components/ldap_ad_integration/index.php
- sasicjcyl
- Posts: 6
- Joined: Thu Feb 02, 2023 4:33 am
Re: Active Directory scape simbols
by kg2857 » Mon Feb 06, 2023 3:50 pm
Maybe try ^ to escape <>?
Think about searching the internet about your question. It will give you a million possibilities in the blink of an eye.
- kg2857
- Posts: 105
- Joined: Thu Jan 26, 2023 8:47 pm
Re: Active Directory escape symbols
by sasicjcyl » Tue Feb 07, 2023 3:46 am
Nothing... I've tried with OU=^<GROUPS^> but no luck, it doesn't show any data.
- sasicjcyl
- Posts: 6
- Joined: Thu Feb 02, 2023 4:33 am
8 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 23 guests
