Hi,
I need to use AD-LDAP auhentication for Nagios web Sign-in access; but do not want to write AD user credentials in the nagios.conf file or any other nagios file.
In AD, I would create a group (nagios_users) of 5 users for those the Nagios access to be enabled upon authentication through LDAP
LDAP authentication
Re: LDAP authentication
Here is what works for me:
What version of apache are you running? I'm pretty sure you need the bind password in there though, I don't think it'll work without it unless your admins can disable the bind authentication requirement.
Code: Select all
ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"
<Directory "/usr/local/nagios/sbin">
# SSLRequireSSL
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
# AuthzLDAPAuthoritative on
AuthLDAPBindDN "CN=Your User,CN=Users,DC=contoso,DC=local"
AuthLDAPBindPassword "Password"
AuthLDAPURL "ldap://192.168.X.X/CN=Users,DC=contoso,DC=local?sAMAccountName?sub?(objectClass=*)"
AuthType Basic
AuthName "contoso Authentication"
AuthBasicProvider ldap
AuthLDAPGroupAttributeIsDN on
AuthLDAPGroupAttribute member
Require ldap-group CN=nagios_users,CN=Users,DC=contoso,DC=local
Require valid-user
Require all denied
</Directory>
Alias /nagios "/usr/local/nagios/share"
<Directory "/usr/local/nagios/share">
# SSLRequireSSL
Options None
AllowOverride None
Order allow,deny
Allow from all
# AuthzLDAPAuthoritative on
AuthLDAPBindDN "CN=Your User,CN=Users,DC=contoso,DC=local"
AuthLDAPBindPassword "Password"
AuthLDAPURL "ldap://192.168.X.X/CN=Users,DC=contoso,DC=local?sAMAccountName?sub?(objectClass=*)"
AuthType Basic
AuthName "contoso Authentication"
AuthBasicProvider ldap
AuthLDAPGroupAttributeIsDN on
AuthLDAPGroupAttribute member
Require ldap-group CN=nagios_users,CN=Users,DC=contoso,DC=local
Require valid-user
Require all denied
</Directory>
Re: LDAP authentication
Code: Select all
AuthLDAPBindDN "CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com"
Code: Select all
AuthLDAPBindPassword "Admin Password"
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.