I am trying to get Nagios to authenticate web users logging in to the Nagios URL with Active Directory. I have tried several different things I have found around the web, but still no luck. I am new to Nagios and CentOS7 so any help would be appreciated.
Currently when trying to log into Nagios through a browser when entering my AD credentials the prompt disappears and just keeps re-prompting for credentials. When checking the error logs in etc/httpd/logs I am getting the following error:
[Tue Dec 04 09:16:21.835017 2018] [auth_basic:error] [pid 28139] [client 172.24.3.78:54802] AH01617: user j*****: authentication failure for "/nagios": Password Mismatch, referer: http://hq0nagios3.***.***/
Attached is what my nagios.conf file looks like.
Trying to Get AD Authentication Working With Core 4.4.2
Trying to Get AD Authentication Working With Core 4.4.2
- Attachments
-
- nagios1.conf
- (2.66 KiB) Downloaded 226 times
Re: Trying to Get AD Authentication Working With Core 4.4.2
Try simplifying things a bit in the configuration to see if we can narrow down the problematic config. I was able to get ad/ldap auth working with just 4 additional lines(per section):
Is the question mark in AuthLDAPBindDN “CN=Nagios?Connector,OU=IT,OU=Accounts,DC=**,DC=****,DC=***” correct? Seems like it could be a typo.
Attached is a config from a lab machine. Hope it helps.
Code: Select all
AuthBasicProvider ldap
AuthLDAPURL ldap://192.168.55.5:389/cn=users,dc=acme,dc=local?sAMAccountName?sub?(objectClass=*)
AuthLDAPBindDN "cn=administrator,cn=users,dc=acme,dc=local"
AuthLDAPBindPassword password
Attached is a config from a lab machine. Hope it helps.
- Attachments
-
- nagios.conf
- (2.5 KiB) Downloaded 246 times
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Trying to Get AD Authentication Working With Core 4.4.2
Thank You! That bit of code and the sample config you provided got AD auth. working for me. The question mark in the AuthLDAPBindDN was an attempt to resolve the error httpd threw thinking that there was more than one CN value. I recreated an AD object without spaces so I did not have to worry about trying to find a character to take the place of spaces.
Re: Trying to Get AD Authentication Working With Core 4.4.2
That's great to hear, are we okay to lock the topic and mark it as resolved?