trying to test the API on the Inbound Check Transfer Settings but getting "forbidden". I am also unable to receive passive check results. not sure if these are related. I have also tried turning off the firewall on my rhel7 XI box.
thanks!
XI 5.4.3 NRDP Forbidden
-
dwhitfield
- Former Nagios Staff
- Posts: 4583
- Joined: Wed Sep 21, 2016 10:29 am
- Location: NoLo, Minneapolis, MN
- Contact:
Re: XI 5.4.3 NRDP Forbidden
Did you use https://assets.nagios.com/downloads/nag ... ith_XI.pdf to set things up?
Do you have anything in your Unconfigured Objects? https://assets.nagios.com/downloads/nag ... ith_XI.pdf
What's the output of the following?
Can you PM me your Profile? You can download it by going to Admin > System Config > System Profile and click the Download Profile button towards the top. If for whatever reason you *cannot* download the profile, please put the output of View System Info (5.3.4+, Show Profile if older) in the thread (that will at least get us some info). This will give us access to many of the logs we would otherwise ask for individually. If security is a concern, you can unzip the profile take out what you like, and then zip it up again. We may end up needing something you remove, but we can ask for that specifically.
After you PM the profile, please update this thread. Updating this thread is the only way for it to show back up on our dashboard.
UPDATE: profile received and shared with techs
Do you have anything in your Unconfigured Objects? https://assets.nagios.com/downloads/nag ... ith_XI.pdf
What's the output of the following?
Code: Select all
getenforce
cat /etc/httpd/conf.d/nrdp.conf
ll /etc/httpd/conf.d/nrdp.conf
After you PM the profile, please update this thread. Updating this thread is the only way for it to show back up on our dashboard.
UPDATE: profile received and shared with techs
Last edited by dwhitfield on Mon May 01, 2017 12:46 pm, edited 1 time in total.
Reason: profile received
Reason: profile received
Re: XI 5.4.3 NRDP Forbidden
i did use that guide and nothing shows up in unconfigured objs.
profile should be in your inbox.
profile should be in your inbox.
Code: Select all
[root@nagiosxi libexec]# getenforce
DisabledCode: Select all
[root@nagiosxi libexec]# cat /etc/httpd/conf.d/nrdp.conf
<Directory "/usr/local/nrdp">
# SSLRequireSSL
Options None
AllowOverride None
Order allow,deny
Allow from all
# Order deny,allow
# Deny from all
# Allow from 127.0.0.1
# AuthName "NRDP"
# AuthType Basic
# AuthUserFile /usr/local/nrdp/htpasswd.users
# Require valid-user
</Directory>
Alias /nrdp "/usr/local/nrdp/server"Code: Select all
[root@nagiosxi libexec]# ll /etc/httpd/conf.d/nrdp.conf
-rwxr-xr-x. 1 root root 344 Apr 21 09:33 /etc/httpd/conf.d/nrdp.conf
Last edited by dwhitfield on Mon May 01, 2017 12:13 pm, edited 1 time in total.
Reason: code blocks FTW
Reason: code blocks FTW
Re: XI 5.4.3 NRDP Forbidden
Are you receiving the error when you got to https://YOURXISERVER/nrdp initially or when you click the submit button on that page?
Re: XI 5.4.3 NRDP Forbidden
Please post the output of these commands:
Then run this command and post the resulting /tmp/httpd_configs.zip file:
Thank you
Code: Select all
ls -ld /usr/local/nrdp
ls -l /usr/local/nrdp
ls -l /usr/local/nrdp/server
ls -l /usr/local/nrdp/server/includes
grep nag /etc/group
grep "User \|Group " /etc/httpd/conf/httpd.confCode: Select all
zip -r /tmp/httpd_configs.zip /etc/httpd/conf/httpd.conf /etc/httpd/conf.dRe: XI 5.4.3 NRDP Forbidden
added
You do not have the required permissions to view the files attached to this post.
Re: XI 5.4.3 NRDP Forbidden
Was the system configured to be accessed using SSL?
If so, there are some missing configurations that were missed. Take a look at the following document and verify that all of the settings were done.
https://assets.nagios.com/downloads/nag ... s%20XI.pdf
This section was missed
Edit the file /etc/httpd/conf/httpd.conf and add the following lines to the end of the file.
After saving the file, restart the Apache process by running the following as root.
Also, make sure the following was done as well
Edit the file /usr/local/nagiosxi/html/config.inc.php and find the following line:
Change it to:
Let us know is this fixes the issue.
If so, there are some missing configurations that were missed. Take a look at the following document and verify that all of the settings were done.
https://assets.nagios.com/downloads/nag ... s%20XI.pdf
This section was missed
Edit the file /etc/httpd/conf/httpd.conf and add the following lines to the end of the file.
Code: Select all
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}Code: Select all
systemctl restart httpd.serviceEdit the file /usr/local/nagiosxi/html/config.inc.php and find the following line:
Code: Select all
$cfg['use_https']=false;Code: Select all
$cfg['use_https']=true;Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: XI 5.4.3 NRDP Forbidden
hi, the system is not set to use SSL.
Re: XI 5.4.3 NRDP Forbidden
Can you edit the /etc/httpd/conf.d/ssl.conf file and remove the following section.
Restart apache by running
Then try and access the system.
If it fails, take a look in the /var/log/httpd/error_log file for any errors and post them so we can view them.
Code: Select all
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule nagiosxi/api/v1/(.*)$ /usr/local/nagiosxi/html/api/v1/index.php?request=$1 [QSA,NC,L]
</IfModule>Code: Select all
service httpd restartIf it fails, take a look in the /var/log/httpd/error_log file for any errors and post them so we can view them.
Be sure to check out our Knowledgebase for helpful articles and solutions!