User access

SDohmen · Post by **SDohmen** » Thu Mar 01, 2012 3:35 am

Hello,

I got a question which i cant seem to find a solution for.

I have several users which are allowed to view all normal tabs on all hosts (including the advanced tabs) but i want these users not to be able to login the backend.

Which switches do i have to deselect to achieve this if its even is possible?

mguthrie · Post by **mguthrie** » Thu Mar 01, 2012 10:31 am

By backend do you mean the Core Config Manager or you don't want them to be able to modify anything about the monitoring configuration at all?

Here's the Admin->Manage Users breakdown:

Can see all hosts and services: (self explanatory)

Can (re)configure hosts and services: The configure tab will show up for hosts and services that are able to be configured from the host/service details pages.

Can control all hosts and services: This allows them to issue commands such as: Disable active checks, disable notifications, schedule downtime, etc

Can see/control monitoring engine: This allows users to start and stop sub-system processes from the web UI

Can access advanced features: This will allow them to see the advanced tab for hosts and services, along with a few additional options throughout the UI.

SDohmen · Post by **SDohmen** » Thu Mar 01, 2012 12:14 pm

I am talking about the core config manager yes. My co-worker tends to be a bit to enthusiastic when it comes to changing things and not letting them know to the rest. And when you confront him he denies any knowledge of it. Its kinda annoying when he does things like that so i want to limit his access to this part of the central.

mguthrie · Post by **mguthrie** » Thu Mar 01, 2012 12:29 pm

The Core Config Manager is a separate login and authentication. You can either change the password for the Core Config Manager (nagiosadmin account), or you can also create a separate user for that person in the Config Manager Admin->Manage Config Access, so when he makes changes it'll show up in the Core Config Manager Admin->Config Manager log.

XI Admins can reset the CCM credentials, if he's not an XI Admin level user, just change the Core Config Manager password.

SDohmen · Post by **SDohmen** » Thu Mar 01, 2012 1:22 pm

The problem is that the component what we have isn't controlled by the CCM security features. From what our programmer can see the complete CCM is locked code which doesn't allow new links to be created which would solve this problem.

mguthrie · Post by **mguthrie** » Thu Mar 01, 2012 1:42 pm

I guess I thought the issue was access to the Core Config Manager...

Code: Select all

The problem is that the component what we have isn't controlled by the CCM security features.

So are you looking for code that checks for proper authorization in your component? We can provide you the functions if needed, I just want to make sure I'm understanding what you're looking for.

SDohmen · Post by **SDohmen** » Sun Mar 04, 2012 6:16 am

Yes, thats what we are looking for.

If you look at the picture below you see the link we have created when the component gets installed. However unlike the other menu's in the config manager this one is available to anyone who has the config manager menu without having to login.

Knipsel1.PNG

I hope this makes it better understandable what i mean.

mguthrie · Post by **mguthrie** » Sun Mar 04, 2012 3:31 pm

You'll need to check for some of the following session variables, and if they aren't set, redirect them to the Core Config Manager login page.

Code: Select all

		 //nagiosql overrides
		 $_SESSION['startsite'] = '/nagiosql/admin.php';
		 $_SESSION['username'] = $username; 
		 $_SESSION['keystring'] = '11111111'; 
		 $_SESSION['strLoginMessage'] = '';

Hopefully that gets you what you need.

Nagios Support Forum

User access

User access

Re: User access

Re: User access

Re: User access

Re: User access

Re: User access

Re: User access

Re: User access