I would like to know if it's possible to user Active Directory credentials for the website authentication option?
Thanks...Steve
Website options
-
tonyyarusso
- Posts: 1128
- Joined: Wed Mar 03, 2010 12:38 pm
- Location: St. Paul, MN, USA
- Contact:
Re: Website options
Assuming what you mean is using those credentials to log in to the XI web interface, then the answer is "not currently, but it's something we'd like to implement eventually".
Re: Website options
Not really. I mean when you configure a web site to be monitored, can you specify "domain credentials" in the "Website Options Credentials".
Thanks...Steve
Thanks...Steve
-
tonyyarusso
- Posts: 1128
- Joined: Wed Mar 03, 2010 12:38 pm
- Location: St. Paul, MN, USA
- Contact:
Re: Website options
I'm not really sure how this would work. As long as the web server is presenting it as BASIC or DIGEST authentication, the fields in the wizard will work, regardless of whether that ends up getting compared to a flat file or AD.
Re: Website options
The HTTP server checks auth credentials against what ever source it's configured for.
There are several "methods" a browser can use to deliver these credentials, some will work better then others depending on the client and server software involved. Nagios has several clients or plugins that can check various aspects of http, I'm certain you can find a combination that tests the auth method you are concerned with.
There are several "methods" a browser can use to deliver these credentials, some will work better then others depending on the client and server software involved. Nagios has several clients or plugins that can check various aspects of http, I'm certain you can find a combination that tests the auth method you are concerned with.
Re: Website options
I everyone, I've been unsuccessful trying to monitor one of website with Nagios XI. I have 3 site one with Digest authentication, one with Integrated Windows authentication. I've entered windows credentials on both and still getting "HTTP WARNING: HTTP/1.1 401 Unauthorized".
Is there a way to make this work? If so is there a guide on how to do it?
Thanks for your help!
Steve
Is there a way to make this work? If so is there a guide on how to do it?
Thanks for your help!
Steve
Re: Website options
That's most likely NTLM(NT LanManager) authentication, though it could also be Cerberus(krb).
Could you describe of the software used and how it was deployed/configured?
Could you describe of the software used and how it was deployed/configured?
Re: Website options
I'm just trying to monitor a standard HTML website with Digest Authentication and an other one with Integrated Windows Authentication.
I'm new to Nagios and I only have a little knowledge in Linux so it's probably something minor that I'm missing.
I's a Windows 2003 R2 Enterprise box with IIS 6.0.
Thanks...Steve
I'm new to Nagios and I only have a little knowledge in Linux so it's probably something minor that I'm missing.
I's a Windows 2003 R2 Enterprise box with IIS 6.0.
Thanks...Steve
Re: Website options
Steve,
I've never even heard of "Integrated Windows Authentication". Google says it's, formerly called NTLM, and also known as Windows NT Challenge/Response authentication. There is another technology called Kerberos that's vary similar and ppl confuse things even further with LDAP.
This indicates there is another server handling authentication. Can you describe it and it's configuration as well?
With all the different technologies and implementations I don't believe there is any "simple" configuration/combination. I may believe that there is a most common configuration, but I'd have no idea what that would be. It's important that we don't try and use krb5/ldap technology with an NTLM setup and vice versa. It's also important that if you are using NTLM or krb5 that you identify the specific software you are using for the entire deployment.
LDAP has a large number of configurations, so it's even more difficult to work with then these other two. One needs to have a good understanding of what one is trying to do and how it's to be done when working with LDAP technology.
This makes it difficult to find the right configuration to work with your setup, there may be 3 or 4 plugins that do "Challenge/Response authentication" and it's a matter of using the right one in the right way. Unfortunately that may mean using trial and error.
So how does this work for you:
http://exchange.nagios.org/directory/Pl ... lm/details
I've never even heard of "Integrated Windows Authentication". Google says it's, formerly called NTLM, and also known as Windows NT Challenge/Response authentication. There is another technology called Kerberos that's vary similar and ppl confuse things even further with LDAP.
This indicates there is another server handling authentication. Can you describe it and it's configuration as well?
With all the different technologies and implementations I don't believe there is any "simple" configuration/combination. I may believe that there is a most common configuration, but I'd have no idea what that would be. It's important that we don't try and use krb5/ldap technology with an NTLM setup and vice versa. It's also important that if you are using NTLM or krb5 that you identify the specific software you are using for the entire deployment.
LDAP has a large number of configurations, so it's even more difficult to work with then these other two. One needs to have a good understanding of what one is trying to do and how it's to be done when working with LDAP technology.
This makes it difficult to find the right configuration to work with your setup, there may be 3 or 4 plugins that do "Challenge/Response authentication" and it's a matter of using the right one in the right way. Unfortunately that may mean using trial and error.
So how does this work for you:
http://exchange.nagios.org/directory/Pl ... lm/details