LDAP integration issues with Nagios XI

[nysus777]

Hi team,

We are facing an issue with integration with LDAP, wherein we are able to login to the LDAP (from Nagios) using Base DN as 'dc=TEST_SX', however, we are unable to login to the instance with Base DN 'dc=nagios,dc=TEST_SX'. Please find attached screenshots herein.

Also, when we are able to login using Base DN 'dc=TEST_SX', we are unable to see any users listed. We have verified that there are users present at both the locations.

Kindly advise how to troubleshoot this or if there is a known solution to this.

Thanks.

[ruffsense]

did you change the ldap port and is the nagios server and your domain controller in the same domain?

[nysus777]

Hi ruffsense,

Both the servers ie Nagios and ldap are not present in any DNS. We are using port 3389 for registering ldap on nagios which isn't the default port.

Could this be causing any issue?

Thanks.

[dwhitfield]

@nysus777 could you run nmap 10.3.31.16 and either PM or post the results?

If you do not manage the LDAP server, you should tell the admin that you are going to run the scan.

If you PM the results, please update this thread. Updating the thread is the only way for the post to pop back up on our dashboard. Thanks!

[rkennedy]

In addition to what @dwhitfield mentioned on the network side of things, are you running LDAP or AD? If it's AD, you can append the port to the domain controller field such as: dc1.nagios.com:3389.

What directory service / version is running on the backend?

[nysus777]

Hi dwhitfield/rkennedy,

Thank you for your response. I have PM'ed dwhitfield the nmap result.

Also, it is an LDAP instance and not an AD. Moreover, i also need to integrate our prod LDAP instance, so i am assuming that whatever solution we have here for 10.3.31.16, should work for our prod LDAP as well.

Please advise guys.

Thanks.

[dwhitfield]

Port 3389 is not open on your LDAP server. On what OS/version are you running LDAP? cat /etc/*-release may help in that regard. That should help us help you open the port. It would also be useful to know if you have a firewall appliance or NAT.

If you are not the LDAP admin, the LDAP admin should be able to help you with opening the appropriate port. Just so we have an idea of the set up, could you clarify that point for us? Thanks!

[nysus777]

Port 3389 is not open on your LDAP server. On what OS/version are you running LDAP? cat /etc/*-release may help in that regard. That should help us help you open the port. It would also be useful to know if you have a firewall appliance or NAT.

If you are not the LDAP admin, the LDAP admin should be able to help you with opening the appropriate port. Just so we have an idea of the set up, could you clarify that point for us? Thanks!

Hi dwhitfield,

Please find the release version below. Also, i am not admin of the LDAP server so i am not sure opening a port on their end would be a quick fix.

Red Hat Enterprise Linux Server release 7.0 (Maipo)

Thanks.

[nysus777]

Hi dwhitfield,

Also one thing i forgot to mention is that we installed LDAP client on Nagios server and used the LDAP search command to see the list of users.

However, while checking from Nagios application, we aren't able to see any users using Base DN dc=TEST_SX.

Thanks.

[dwhitfield]

Can you send us screenshots of the setup when you are pointing locally? We don't really support LDAP being on the localhost, but I do understand you are just testing now. Is there any way you could set up a VM and run LDAP from there?

As for not being the LDAP admin, when you get to your production system, either you are going to have to change things to an open port, or you are going to have to have them change the port.