I have Active Directory Integration working when I have Security set to None. I wen through the document and was able to create the cacerts.pem without any issues. The document doesn't mention changing the security setting in Active Directory Integration module to SSL or TLS. I tried both but neither one worked. Is this setting required in NagiosXI to encrypt the connection or does the setting in ldap.conf is making the secured connection: "TLS_CACERT /etc/openldap/cacerts.pem" ?
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
#BASE dc=example,dc=com
#URI ldap://ldap.example.com ldap://ldap-master.example.com:666
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
TLS_CACERTDIR /etc/openldap/cacerts
TLS_CACERT /etc/openldap/cacerts.pem
Have you specifically configured AD to work with TLS\SSL? By default, no AD installations will enable this, and it does require quite a change to AD itself though.
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.
I checked with our AD group and they said that our AD has not been setup to use SSL/TLS. We do have Kerberbos/LDAPS setup on a linux ldap server. We use Kerberos authenticate for SSH connections to our linux servers and have several web apps that use LDAPS for authenticaion, using the same LDAP server. Can I use one of these methods to have Nagios user accounts authenicate to AD?
I honestly do not know if it will work with ldaps, as it is specifically designed to work with AD. We do have a separate ldap component if you would like. However you are certainly welcome to try with ldap!
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.