Hello,
We're running on 5.11.3 and are in the process of retiring our current LDAP server. While sifting through firewall logs to find out which systems were still hitting that LDAP server, I noticed our Nagios VM in the list.
Our Nagios users all use local authentication. To test, I added an iptables rule blocking connections to the LDAP server. While that rule was in place, authenticating to the Nagios web interface would hang. As soon as I removed the rule, I was then able to authenticate.
Under Admin -> LDAP/AD Integration: I get the message: "There are currently no LDAP or AD servers to authenticate against."
Under Admin -> Manage Users: All users have an "Auth Type" of "Local"
I've grepped through config at the CLI and I'm coming up blank. Where else could an LDAP connection be defined?
Nagios hitting LDAP server for local logins
- jmichaelson
- Posts: 133
- Joined: Wed Aug 23, 2023 1:02 pm
Re: Nagios hitting LDAP server for local logins
A couple of questions for you. Had you enabled LDAP integration at some point in the past? And are there by chance any sessions on Admin->User sessions that might be LDAP enabled?
Please let us know if you have any other questions or concerns.
-Jason
Re: Nagios hitting LDAP server for local logins
It's possible it was enabled at one point, but it hasn't been for at least 4 years since I took over the installation.
There are only two sessions listed under Active Sessions right now and both users are shown as "Local" authentication in the user list.
Re: Nagios hitting LDAP server for local logins
To continue troubleshooting, I created a new admin user that has never before existed on this server. Its Auth Type is "Local (Default)". When logging in with this new account, I was able to change my password in Nagios successfully and log in with the new password.
When logging in, tcpdump shows a brief flurry of activity on tcp/636 towards our LDAP server. Again, if I block outbound LDAPS, the login attempt hangs. As soon as I unblock it again, login succeeds.
- jmichaelson
- Posts: 133
- Joined: Wed Aug 23, 2023 1:02 pm
Re: Nagios hitting LDAP server for local logins
This is most unusual. I'd like you to go into the user edit page (the pencil icon next to the user name) on the manage users admin page. Down at the bottom there's an Auth type link. In turn, select LDAP and AD in the list and see if the fields that show up are populated. If they aren't, you may have to open up a full-on support ticket for help with this.
Either way, I'd also recommend upgrading to the latest Nagios XI version as well. 5.11.3 is several months out of date now.
Please let us know if you have any other questions or concerns.
-Jason
Re: Nagios hitting LDAP server for local logins
Upgrading is on our to-do list once our busy season is over later this month.
Switching my user to LDAP or AD auth did not populate any of the new fields.
What additional diagnostic information would be helpful with the support ticket?
Re: Nagios hitting LDAP server for local logins
Case 00009996.