AD ldap authentication

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
User avatar
Pitone_Maledetto
Posts: 69
Joined: Fri Jul 01, 2016 4:11 am
Location: Liverpool, United Kingdom

AD ldap authentication

Post by Pitone_Maledetto »

Hi all,
I am running Nagios® Core™ 4.2.1 on a Debian Jessie 8.7 server.
I am trying to implement personal logins via Active Directory.
Could you please tell me what apache2 modules I need in order to make the following configuration work?

Code: Select all

AuthBasicProvider ldap
AuthLDAPURL ldap://myactivedirectory_ip:389/CN=Administrators,CN=User Accounts,DC=domain,dc=com?sAMAccountName?sub?(objectClass=*)
AuthLDAPBindDN "cn=svc-ldap,cn=ServiceAccounts,DC=domain,dc=com"
AuthLDAPBindPassword svc-ldap_password
At the moment I get an error in apache2 reload and the following when trying to list enabled modules(apache2ctl -M):

Code: Select all

AH00526: Syntax error on line 22 of /etc/apache2/sites-enabled/nagios.conf:
Unknown Authn provider: ldap
Action '-M' failed.
The Apache error log may have more information.
Thank you in advance.
Regards
"It is impossible to work in information technology without also engaging in social engineering"
Jaron Lanier
User avatar
Pitone_Maledetto
Posts: 69
Joined: Fri Jul 01, 2016 4:11 am
Location: Liverpool, United Kingdom

Re: AD ldap authentication

Post by Pitone_Maledetto »

So,
Now I have enabled ldap_module (shared) and authnz_ldap_module (shared)

I have added the following to the configuration

Code: Select all

LDAPTrustedMode NONE
AuthzLDAPAuthoritative on
and deleted the :389 port from the AuthLDAPURL directive.

Now I get the following error although LDAPTrustedMode NONE:

Invalid LDAP connection mode setting: must be one of NONE, SSL, or TLS/STARTTLS
"It is impossible to work in information technology without also engaging in social engineering"
Jaron Lanier
User avatar
Pitone_Maledetto
Posts: 69
Joined: Fri Jul 01, 2016 4:11 am
Location: Liverpool, United Kingdom

Re: AD ldap authentication

Post by Pitone_Maledetto »

Hi admins,
I appreciate this is an apache2 question/issue more than it is a Nagios one, therefore please feel free to close the thread.
Thanks
"It is impossible to work in information technology without also engaging in social engineering"
Jaron Lanier
User avatar
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: AD ldap authentication

Post by mcapra »

Former Nagios employee
https://www.mcapra.com/
User avatar
Pitone_Maledetto
Posts: 69
Joined: Fri Jul 01, 2016 4:11 am
Location: Liverpool, United Kingdom

Re: AD ldap authentication

Post by Pitone_Maledetto »

Thank you @mcapra
I will try on Monday.
Regards
"It is impossible to work in information technology without also engaging in social engineering"
Jaron Lanier
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:

Re: AD ldap authentication

Post by scottwilkerson »

Pitone_Maledetto wrote:Hi admins,
I appreciate this is an apache2 question/issue more than it is a Nagios one, therefore please feel free to close the thread.
Thanks
Will do.

Closing
Former Nagios employee
Creator:
ahumandesign.com
enneagrams.com
Locked