Unable to import user from AD in Nagios Log Server

This support forum board is for support questions relating to Nagios Log Server, our solution for managing and monitoring critical log data.
Sampath.Basireddy
Posts: 252
Joined: Wed Dec 14, 2016 12:30 pm


Post by Sampath.Basireddy »

Hello There,

I am trying to add a user from LDAP/AD. Each time I try to add, everything goes well, but the user is not getting added to the User List.

There is no error.

Please assist.

Thank You,
dwhitfield
Former Nagios Staff
Posts: 4583
Joined: Wed Sep 21, 2016 10:29 am
Location: NoLo, Minneapolis, MN
Contact:

Re: Unable to import user from AD in Nagios Log Server

Post by dwhitfield »

What's the username?

Also, try to add the user and then run tail -50 /var/log/httpd/error_log and paste the output here in a code block.
Sampath.Basireddy
Posts: 252
Joined: Wed Dec 14, 2016 12:30 pm

Re: Unable to import user from AD in Nagios Log Server

Post by Sampath.Basireddy »

It is not any particular user name. It is the same issue with any user I try to add from LDAP.

Here is what I am seeing in error_log. Nothing else. I tried "tail -f" while creating the user. I see nothing else being written to the file except the text below.

cat: /var/run/elasticsearch/elasticsearch.pid: Permission denied
cat: /var/run/logstash/logstash.pid: Permission denied
avandemore
Posts: 1597
Joined: Tue Sep 27, 2016 4:57 pm

Re: Unable to import user from AD in Nagios Log Server

Post by avandemore »

Can you attach your /etc/sudoers and /etc/openldap/ldap.conf?
Previous Nagios employee
dwhitfield
Former Nagios Staff
Posts: 4583
Joined: Wed Sep 21, 2016 10:29 am
Location: NoLo, Minneapolis, MN
Contact:

Re: Unable to import user from AD in Nagios Log Server

Post by dwhitfield »

Additionally, what are the permissions of the following (examples provided):

Code:

[root@centos6x64 elasticsearch]# ll /var/run/elasticsearch
total 4
-rw-r--r-- 1 nagios users 4 Mar  6 09:17 elasticsearch.pid
[root@centos6x64 elasticsearch]# ll /var/run/logstash
total 4
-rw-r--r-- 1 root   root   0 Mar  6 09:17 logstash
-rw-r--r-- 1 nagios nagios 5 Mar  6 09:17 logstash.pid

UPDATE: files received and shared with techs
Sampath.Basireddy
Posts: 252
Joined: Wed Dec 14, 2016 12:30 pm

Re: Unable to import user from AD in Nagios Log Server

Post by Sampath.Basireddy »

Permissions of the requested files:

[<Srv_Name> /]$ ll /var/run/elasticsearch
total 4
-rw-r----- 1 nagios nagios 4 Feb 6 17:00 elasticsearch.pid
[<Srv_Name> /]$ ll /var/run/logstash
total 4
-rw-r----- 1 root root 0 Feb 14 21:16 logstash
-rw-r----- 1 nagios nagios 6 Feb 14 21:16 logstash.pid



I will PM the /etc/sudoers and /etc/openldap/ldap.conf files.
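
Added example, not part of the original thread or of any Nagios code: the reference listing shows the pid files as rw-r--r-- while the affected server shows rw-r-----, which would produce `Permission denied` for any process that is neither the owner nor in the file's group. The sketch below reports which files lack the other-read bit; the function names are hypothetical and it assumes GNU `stat`.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU stat (coreutils).

# other_can_read FILE
#   0 = "other" read bit set, 1 = not set, 2 = file cannot be stat'ed
other_can_read() {
    mode=$(stat -c '%a' "$1" 2>/dev/null) || return 2
    last=${mode#"${mode%?}"}          # last octal digit = bits for "other"
    [ $(( last & 4 )) -ne 0 ]
}

# check_pid_files FILE...
#   Prints one status line per file; returns how many are not readable by "other".
check_pid_files() {
    bad=0
    for f in "$@"; do
        rc=0
        other_can_read "$f" || rc=$?
        case $rc in
            0) echo "ok       $f" ;;
            1) echo "no-read  $f ($(stat -c '%A %U:%G' "$f"))"; bad=$((bad + 1)) ;;
            *) echo "missing  $f"; bad=$((bad + 1)) ;;
        esac
    done
    return "$bad"
}

# Paths from the thread, e.g.:
#   check_pid_files /var/run/elasticsearch/elasticsearch.pid /var/run/logstash/logstash.pid
if [ "$#" -gt 0 ]; then
    check_pid_files "$@"
fi
```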
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: Unable to import user from AD in Nagios Log Server

Post by mcapra »

Is SELinux running on this machine? Can you share the outputs of:

Code:

getenforce

I did notice that Puppet is used to control the sudoers file. That is absolutely going to cause some issues within NLS beyond what we're seeing now.

I also noticed you've hard-coded some values in the ldap.conf file:

Code:

# Turning this off breaks GSSAPI used with krb5 when rdns = false
SASL_NOCANON	on
URI ldaps://bripa1.ux.corp.local
BASE dc=ux,dc=corp,dc=local

Is defining these in-line necessary? The reason I ask is there's some code in NLS that might have an issue with that. I can provide a super simple sed to try and fix it, I just want to be sure before I do that.
Former Nagios employee
https://www.mcapra.com/
Sampath.Basireddy
Posts: 252
Joined: Wed Dec 14, 2016 12:30 pm

Re: Unable to import user from AD in Nagios Log Server

Post by Sampath.Basireddy »

SELinux is disabled on the machine.

[SRV-Name ~]$ getenforce
Disabled

Regarding the issues which are going to be caused by Puppet, what exact issues are we talking about here?

This is a new Nagios Log Server instance we built recently in our environment. We already have a couple of other Nagios Log Server instances built in our environment with the exact same settings in regards to Puppet or the hard-coded values in ldap.conf, which do not have any such issues.

I don't think either Puppet or ldap.conf is causing this issue.
dwhitfield
Former Nagios Staff
Posts: 4583
Joined: Wed Sep 21, 2016 10:29 am
Location: NoLo, Minneapolis, MN
Contact:

Re: Unable to import user from AD in Nagios Log Server

Post by dwhitfield »

Can you please email [email protected] and reference this thread? Since you have working servers, figuring out the difference in those probably makes more sense in a support ticket. Please let us know when you've sent the email so we can make sure we received it. Thanks!
Sampath.Basireddy
Posts: 252
Joined: Wed Dec 14, 2016 12:30 pm

Re: Unable to import user from AD in Nagios Log Server

Post by Sampath.Basireddy »

Hi dwhitfield,

I emailed the [email protected] as suggested.

Thank You.