Cannot import LDAP users

[BackNBlack]

I have checked the No Users returned section of this document: https://support.nagios.com/kb/article/a ... n-600.html for help but am still unable to get any users to show up on the import users page.

I am using Nagios XI v5.5.3 in a CentOS 6.9 environment with Redhat 389 LDAP server.

Code: Select all

 X  Enable this authentication server
 Connection Method: LDAP
 Base DN: dc=test,dc=xxx,dc=net
 LDAP Host: 192.168.xx.xx
 LDAP Port: 389
 Security: None

The only way I could get to connect is by using my DN: uid=user,ou=People,dc=test,dc=xxx,dc=net

I can see the records using ldapsearch with this account

Code: Select all

dn: uid=user,ou=People,dc=test,dc=xxx,dc=net
memberOf: cn=xxx-adm,ou=groups,dc=test,dc=xxx,dc=net
givenName: user
sn: user
loginShell: /bin/bash
gidNumber: 1000
uidNumber: 116512
mail: [email protected]
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: posixAccount
objectClass: inetuser
uid: user
gecos: user user
cn: user user

Any help would be greatly appreciated.

[cdienger]

With LDAP the DN must be used but with AD you can just use the username. Are you saying no users are returned even if you use the DN? If so, I'd like to see a tcpdump taken while trying to use the import tool:

yum -y install tcpdump
tcpdump -s 0 -i any port 389 -w output.pcap

Let this run while you go to the import tool, login, and stop the tcpdump with CTRL+C as soon as the search for users fails. The tcpdump will contain sensitive info so please PM it to me and @Nagios Support or open a ticket with it at support.nagios.com/tickets/

[BackNBlack]

Sorry, I do not know how to PM you. I clicked on the link in this message and it sends me to a search screen. I can go to both cdienger and Nagios Support profiles page and there are no links to issue a PM.

[cdienger]

No problem. Just click on my username and then you should get a screen with a link to PM me. You can add additional people if needed. I try to suggest sending data to @Nagios Support as well in case I'm not here, but I should still be here if you send it today

[BackNBlack]

Thanks, I'm pretty sure that link was not there before when I tried. Also, when i go to the Nagios Support profile it does not have a link to PM. Also, looks like my PM is in my outbox, shouldn't it be in the Sent folder? Lets wait and see if that changes.

[cdienger]

responded to the PM.

[BackNBlack]

I forgot to mention that I get a response from the LDAP server, it shows some folders but not anything in those folder. I have attached a screenshot.

[cdienger]

The tcpdump shows a successful bind and able to find the objects on the right but there isn't a search to find objects within those. You'll need to select Groups, People, Special Users, or nsAccountInactivationTmp before you'll see users.

[BackNBlack]

I did try selecting each one in turn. Nothing happened upon any selection. Is there some sort of Flash or Pop Up setting that is causing this? I will PM you another TCP dump of the try I just did.

[cdienger]

The tcpdump shows a search in "Special Users" but nothing is getting returned. Does your user have access to drill down into this OU? Is there another admin account you can test with? I'd like to see another tcpdump gathered when you try to drill into "People" since we know there should be items in there.