nagiosxi ldap

[anil406]

I am integrating nagiosxi with AD. Can you tell me ports that are need to be both secure(ssl) and non-secure?

[tmcdonald]

I believe port 389 is the non-SSL port for AD. And as sreinhardt mentioned, port 636 is used for SSL.

http://en.wikipedia.org/wiki/List_of_TC ... rt_numbers

[anil406]

Thanks tmcdonald!
After opening port 389 port, I am still unable to get this component(AD auth) working, I don't see any error in error_logs.

Account Suffix: @cb.local
Base DN: dc=org,dc=cb,dc=local
Domain Controllers: 10.10.10.10
security: none

[sreinhardt]

Which version of the ad component are you presently using? I may be able to provide an updated version that can help with some of this too.

[anil406]

I am using below -
Active Directory Integration
Uses Active Directory as a user authentication source. Experimental.
Version: 0.3 Author: Nagios Enterprises, LLC

[sreinhardt]

Well, you can give 0.4 a try. At the very least it gives you a AD tree to browse and add users from via the Admin page. You will need to upload this via Admin->Manage components. Reload the admin page and open the components settings. Verify you feel they are correct. Then you can use the AD Auth Component on the left side bar of the admin page to attempt to view the AD tree. If this is browsable, AD integration is working, if not your settings either in the component settings or username and password when browsing the tree are incorrect.

Code: Select all

http://assets.nagios.com/downloads/nagiosxi/components/Development/active_directory.zip

[anil406]

Thanks for the new version of AD component, I am still unable to login with new version, It shows something like below in access logs.

[Mon Jun 09 15:21:37 2014] [error] [client 172.31.133.2] PHP Notice: Undefined variable: ad_password in /usr/local/nagiosxi/html/includes/components/active_directory/active_directory.php on line 399, referer: http://nagios01.monitoring.admin.cb/nag ... ectory.php

But I am able to get response from the AD when I do the query against AD using ldapsearch like below-

ldapsearch -x -LLL -H ldaps://172.20.1.1 -b 'ou=serviceaccounts,dc=org,dc=cb,dc=local' -D 'cn=nagiosadmin,ou=ServiceAccounts,dc=org,dc=cb,dc=local' -w 'xxxxxxxx' '(sAMAccountName=nagiosadmin)'

[sreinhardt]

What page are you on when it is claiming that no ad_password was provided? It appears that this would be when you attempt to view the AD tree within the components page, does that sound correct? I will restate again, as I see you are still validating against it, and I want to be 100% sure that your tests are valid. The AD component will NOT work with ldaps or AD with forced SSL. You must use AD without SSL over port 386.

[anil406]

Thanks! I got it working, typo in the suffix on AD. Yes, I am using non ssl port 389.

[tmcdonald]

Thanks! I got it working, typo in the suffix on AD. Yes, I am using non ssl port 389.

100% working? If so I'd like to close the thread.