AD ldap authentication

An open discussion forum for obtaining help with Nagios Core. Nagios Core users of all experience levels are welcome here. Subforum have been created for the discussion of Nagios Core and Nagios Plugin development.

NOTE: The SourceForge.net mailing lists have been deprecated in favor of this forum in order to expedite support and provide additional features not available on the old mailing list.

AD ldap authentication

Postby Pitone_Maledetto » Fri May 31, 2019 12:48 am

Hi all,
I am running Nagios® Core™ 4.2.1 on a Debian Jessie 8.7 server.
I am trying to implement personal logins via Active Directory.
Could you please tell me what apache2 modules I need in order to make the following configuration work?

Code: Select all
AuthBasicProvider ldap
AuthLDAPURL ldap://myactivedirectory_ip:389/CN=Administrators,CN=User Accounts,DC=domain,dc=com?sAMAccountName?sub?(objectClass=*)
AuthLDAPBindDN "cn=svc-ldap,cn=ServiceAccounts,DC=domain,dc=com"
AuthLDAPBindPassword svc-ldap_password


At the moment I get an error in apache2 reload and the following when trying to list enabled modules(apache2ctl -M):

Code: Select all
AH00526: Syntax error on line 22 of /etc/apache2/sites-enabled/nagios.conf:
Unknown Authn provider: ldap
Action '-M' failed.
The Apache error log may have more information.


Thank you in advance.
Regards
"It is impossible to work in information technology without also engaging in social engineering"
Jaron Lanier
User avatar
Pitone_Maledetto
 
Posts: 69
Joined: Fri Jul 01, 2016 4:11 am
Location: Liverpool, United Kingdom

Re: AD ldap authentication

Postby Pitone_Maledetto » Fri May 31, 2019 2:35 am

So,
Now I have enabled ldap_module (shared) and authnz_ldap_module (shared)

I have added the following to the configuration

Code: Select all
LDAPTrustedMode NONE
AuthzLDAPAuthoritative on


and deleted the :389 port from the AuthLDAPURL directive.

Now I get the following error although LDAPTrustedMode NONE:

Invalid LDAP connection mode setting: must be one of NONE, SSL, or TLS/STARTTLS
"It is impossible to work in information technology without also engaging in social engineering"
Jaron Lanier
User avatar
Pitone_Maledetto
 
Posts: 69
Joined: Fri Jul 01, 2016 4:11 am
Location: Liverpool, United Kingdom

Re: AD ldap authentication

Postby Pitone_Maledetto » Fri May 31, 2019 4:30 am

Hi admins,
I appreciate this is an apache2 question/issue more than it is a Nagios one, therefore please feel free to close the thread.
Thanks
"It is impossible to work in information technology without also engaging in social engineering"
Jaron Lanier
User avatar
Pitone_Maledetto
 
Posts: 69
Joined: Fri Jul 01, 2016 4:11 am
Location: Liverpool, United Kingdom

Re: AD ldap authentication

Postby mcapra » Fri May 31, 2019 8:45 am

This post may be useful to you:
viewtopic.php?f=7&t=52622&p=275945#p275945
Former Nagios employee
http://www.mcapra.com/
User avatar
mcapra
 
Posts: 3561
Joined: Thu May 05, 2016 3:54 pm

Re: AD ldap authentication

Postby Pitone_Maledetto » Fri May 31, 2019 9:52 am

Thank you @mcapra
I will try on Monday.
Regards
"It is impossible to work in information technology without also engaging in social engineering"
Jaron Lanier
User avatar
Pitone_Maledetto
 
Posts: 69
Joined: Fri Jul 01, 2016 4:11 am
Location: Liverpool, United Kingdom

Re: AD ldap authentication

Postby scottwilkerson » Fri May 31, 2019 1:01 pm

Pitone_Maledetto wrote:Hi admins,
I appreciate this is an apache2 question/issue more than it is a Nagios one, therefore please feel free to close the thread.
Thanks

Will do.

Closing
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
scottwilkerson
DevOps Engineer
 
Posts: 15047
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises


Return to Nagios Core

Who is online

Users browsing this forum: Google [Bot] and 35 guests