Nagios Support Forum

Hi,

I have configured nagios.conf to enable LDAP-AD authentication. I have enabled 2 AD users . Both can Sign-in.

1. How to enable full access to these users ? Ex: Restart the Nagios process in Process Info tab of Web UI
2. How to regulate access to these users ? Ex: For one of the users, need to give only read-only access

The variables starting with 'authorized_' in file cgi.cfg has no effect on above 2 AD users.

Even if I set user1 for all those variables (or asterisk *), and login with user1's credentials, I cannot restart nagios process.
It says: "Sorry Dave, I can't let you do that..." don't know who is Dave

user1 cannot perform re-schedule (It is in Service Commands list shown for each service in Services tab under Current Status menu)


I want to give all privileges to user1 which nagiosadmin has

Please help.

Can you share your cgi.cfg obfuscating any sensitive info?

To give additional privileges you need to use the authorized_ fields in this file, making sure you have just a comma separated list and no extra spaces

Also the error should only happen if you have the following set This must be set to 1 for any of this to work.

Hi,

Got it working with use_authentication set to 1

Now I have another requirement..

Need to have both nagiosadmin default web authentication, as well as AD users to access Nagios. Both types working separately.

If I add the block of lines of both nagiosadmin and block of lines of one of the AD users, in nagios.cfg file, it Signs-in only the AD user . Does not allow nagiosadmin who is default local user, Sign-in prompt comes back for him

Above, I have tried with both, setting all variables starting with authorized_ to * and also setting them with nagiosadmin,AD_user in cgi.cfg

In your config you want to change this to this and add in the path to your htpasswd file then restart httpd