Trying to Get AD Authentication Working With Core 4.4.2

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
jmichael
Posts: 2
Joined: Tue Dec 04, 2018 9:09 am

Trying to Get AD Authentication Working With Core 4.4.2

Post by jmichael »

I am trying to get Nagios to authenticate web users logging in to the Nagios URL with Active Directory. I have tried several different things I have found around the web, but still no luck. I am new to Nagios and CentOS7 so any help would be appreciated.

Currently when trying to log into Nagios through a browser when entering my AD credentials the prompt disappears and just keeps re-prompting for credentials. When checking the error logs in etc/httpd/logs I am getting the following error:

[Tue Dec 04 09:16:21.835017 2018] [auth_basic:error] [pid 28139] [client 172.24.3.78:54802] AH01617: user j*****: authentication failure for "/nagios": Password Mismatch, referer: http://hq0nagios3.***.***/



Attached is what my nagios.conf file looks like.
Attachments
nagios1.conf
(2.66 KiB) Downloaded 223 times
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: Trying to Get AD Authentication Working With Core 4.4.2

Post by cdienger »

Try simplifying things a bit in the configuration to see if we can narrow down the problematic config. I was able to get ad/ldap auth working with just 4 additional lines(per section):

Code: Select all

		AuthBasicProvider ldap
		AuthLDAPURL ldap://192.168.55.5:389/cn=users,dc=acme,dc=local?sAMAccountName?sub?(objectClass=*)
		AuthLDAPBindDN "cn=administrator,cn=users,dc=acme,dc=local"
		AuthLDAPBindPassword password
Is the question mark in AuthLDAPBindDN “CN=Nagios?Connector,OU=IT,OU=Accounts,DC=**,DC=****,DC=***” correct? Seems like it could be a typo.

Attached is a config from a lab machine. Hope it helps.
Attachments
nagios.conf
(2.5 KiB) Downloaded 239 times
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
jmichael
Posts: 2
Joined: Tue Dec 04, 2018 9:09 am

Re: Trying to Get AD Authentication Working With Core 4.4.2

Post by jmichael »

Thank You! That bit of code and the sample config you provided got AD auth. working for me. The question mark in the AuthLDAPBindDN was an attempt to resolve the error httpd threw thinking that there was more than one CN value. I recreated an AD object without spaces so I did not have to worry about trying to find a character to take the place of spaces.
ssax
Dreams In Code
Posts: 7682
Joined: Wed Feb 11, 2015 12:54 pm

Re: Trying to Get AD Authentication Working With Core 4.4.2

Post by ssax »

That's great to hear, are we okay to lock the topic and mark it as resolved?
Locked