Hi all, brand new install of Nagios deployed from the VM ova. I've added my Active Directory authentication server to Nagios but when I go to import users I get the following response:
Unable to authenticate: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1
Some searching points to the 52e error indicating that the username exists but the password is wrong. I can verify that this is not the case and have tried with several accounts that have the appropriate access and that I have set the password for and are working to log into other machines in our domain.
I've verified that the Nagios server can ping the active directory servers directly via FQDN so there doesn't appear to be any physical communication issues.
Authentication error when importing users from AD server
Re: Authentication error when importing users from AD server
Can you show us a screenshot of your configured settings? Then, please turn on debugging for the LDAP component by using the following command -
sed -i 's/\/\/ Otherwise check authentication/ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);/g' /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/ldap_ad_integration.inc.php
Then, run a tail on your HTTP log files -
Now, try to submit the information once again to authenticate. Send over the information that the tail ends up spitting out.
To turn off the debugging, run the following -
This will give us a bit more information to work with.
sed -i 's/\/\/ Otherwise check authentication/ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);/g' /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/ldap_ad_integration.inc.php
Then, run a tail on your HTTP log files -
Code: Select all
tail -f /var/log/httpd/*error_logTo turn off the debugging, run the following -
Code: Select all
sed -i 's/ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);/\/\/ Otherwise check authentication/g' /usr/local/nagiosxi/html/includes/components/ldap_ad_integration/ldap_ad_integration.inc.phpFormer Nagios Employee
Re: Authentication error when importing users from AD server
Thanks for the pointers, after carefully reviewing the information I had entered I realized that the account suffix for our domain is in the format @site.domain.com and I had just entered @domain.com it connected right away after that.
Nub mistake.
Nub mistake.
Re: Authentication error when importing users from AD server
Nice catch! Happens to all of us at times, and that's why the logs help too 
Are we good to mark this thread resolved?
Are we good to mark this thread resolved?
Former Nagios Employee
Re: Authentication error when importing users from AD server
Please feel free to mark this thread as resolved.