Not able to authenticate with check_ldap

This board serves as an open discussion and support collaboration point for Nagios XI. NOTE: Nagios XI customers should use the Customer Support forum to obtain expedited support.

Not able to authenticate with check_ldap

Postby jmashburn » Wed Oct 23, 2019 9:49 am

I am trying to set up Active Directory using a Windows DC, and it keeps failing to bind. When I run the this command:
/usr/local/nagios/libexec/check_ldap -H somedc.domain.com -b "OU=Users,OU=IT Admins - NO GPOs,DC=****,DC=******,DC=com" -D "CN=admin,OU=Users,OU=IT Admins - NO GPOs,DC=******,DC=*****,DC=com" -P "******" -3 -v
It returns back with invalid credentials (49). I know these credentials work because I am remoted into the DC with those credentials and I can verify that it is communicating with the DC because the account keeps getting locked after a few tries.

I am kind of out of ideas on what to do, since I know this account works and I know the account is a domain admin, and I know the password is right, so is there something I am missing?
jmashburn
 
Posts: 4
Joined: Tue Aug 06, 2019 3:14 pm

Re: Not able to authenticate with check_ldap

Postby cdienger » Wed Oct 23, 2019 4:00 pm

Do you have any special characters in the password? If you do you'll need to escape them and remove the quotes. For example:

Code: Select all
/usr/local/nagios/libexec/check_ldap -H somedc.domain.com -b "OU=Users,OU=IT Admins - NO GPOs,DC=****,DC=******,DC=com" -D "CN=admin,OU=Users,OU=IT Admins - NO GPOs,DC=******,DC=*****,DC=com" -P password\! -3 -v
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
cdienger
Support Tech
 
Posts: 3774
Joined: Tue Feb 07, 2017 11:26 am

Re: Not able to authenticate with check_ldap

Postby jmashburn » Thu Oct 24, 2019 10:21 am

Yup that was it. I didn't think about the special character. Verified it works once escaped.
jmashburn
 
Posts: 4
Joined: Tue Aug 06, 2019 3:14 pm

Re: Not able to authenticate with check_ldap

Postby scottwilkerson » Thu Oct 24, 2019 10:34 am

jmashburn wrote:Yup that was it. I didn't think about the special character. Verified it works once escaped.

Great!

Locking thread
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
scottwilkerson
DevOps Engineer
 
Posts: 17020
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises


Return to Nagios XI

Who is online

Users browsing this forum: Bing [Bot] and 21 guests