Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

LDAP Authentication

https://support.nagios.com/forum/viewtopic.php?t=55595

Page 2 of 2

Re: LDAP Authentication

Posted: Thu Sep 19, 2019 6:36 am
by fmunoz
My uname -a answer is: SMP Debian 4.9.168-1+deb9u5 (2019-08-11) x86_64 GNU/Linux

The file that i have modified is in another directory, because i have not the httpd.conf file..

My file is in /etc/apache2/sites-enabled/nagios.conf

Code: Select all


ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"

<Directory "/usr/local/nagios/sbin">
#  SSLRequireSSL
   Options ExecCGI
   AllowOverride None
   Allow from all
   Order allow,deny

  AuthLDAPBindDN "CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com"
  AuthLDAPBindPassword "Admin Password"
  AuthLDAPURL "ldap://192.168.X.X/CN=<<groupNameInServer>,DC=<<ldapserver>>,DC=com?sAMAccountName?sub?(objectClass=*)"
  AuthType Basic
  AuthName "Nagios Authentication"
  AuthBasicProvider ldap
  AuthLDAPGroupAttributeIsDN on
  AuthLDAPGroupAttribute member
  Require ldap-group CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com
  Require valid-user
  Require all denied

</Directory>

Alias /nagios "/usr/local/nagios/share"

<Directory "/usr/local/nagios/share">
#  SSLRequireSSL
   Options None
   AllowOverride None
   Order allow,deny
   Allow from all

  AuthLDAPBindDN "CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com"
  AuthLDAPBindPassword "Admin Password"
  AuthLDAPURL "ldap://192.168.X.X/CN=<<groupNameInServer>,DC=<<ldapserver>>,DC=com?sAMAccountName?sub?(objectClass=*)"
  AuthType Basic
  AuthName "Nagios Authentication"
  AuthBasicProvider ldap
  AuthLDAPGroupAttributeIsDN on
  AuthLDAPGroupAttribute member
  Require ldap-group CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com
  Require valid-user
  Require all denied
</Directory>

Re: LDAP Authentication

Posted: Thu Sep 19, 2019 8:37 am
by fmunoz
My uname -a answer is: SMP Debian 4.9.168-1+deb9u5 (2019-08-11) x86_64 GNU/Linux

The file that i have modified is in another directory, because i have not the httpd.conf file..

My file is in /etc/apache2/sites-enabled/nagios.conf

Code: Select all


ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"

<Directory "/usr/local/nagios/sbin">
#  SSLRequireSSL
   Options ExecCGI
   AllowOverride None
   Allow from all
   Order allow,deny

  AuthLDAPBindDN "CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com"
  AuthLDAPBindPassword "Admin Password"
  AuthLDAPURL "ldap://192.168.X.X/CN=<<groupNameInServer>,DC=<<ldapserver>>,DC=com?sAMAccountName?sub?(objectClass=*)"
  AuthType Basic
  AuthName "Nagios Authentication"
  AuthBasicProvider ldap
  AuthLDAPGroupAttributeIsDN on
  AuthLDAPGroupAttribute member
  Require ldap-group CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com
  Require valid-user
  Require all denied

</Directory>

Alias /nagios "/usr/local/nagios/share"

<Directory "/usr/local/nagios/share">
#  SSLRequireSSL
   Options None
   AllowOverride None
   Order allow,deny
   Allow from all

  AuthLDAPBindDN "CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com"
  AuthLDAPBindPassword "Admin Password"
  AuthLDAPURL "ldap://192.168.X.X/CN=<<groupNameInServer>,DC=<<ldapserver>>,DC=com?sAMAccountName?sub?(objectClass=*)"
  AuthType Basic
  AuthName "Nagios Authentication"
  AuthBasicProvider ldap
  AuthLDAPGroupAttributeIsDN on
  AuthLDAPGroupAttribute member
  Require ldap-group CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com
  Require valid-user
  Require all denied
</Directory>

Re: LDAP Authentication

Posted: Fri Sep 20, 2019 8:30 am
by fmunoz
Hi! How are you? Thank you for your time and your answer!

My uname -a answer is: SMP Debian 4.9.168-1+deb9u5 (2019-08-11) x86_64 GNU/Linux

The file that i have modified is in another directory, because i have not the httpd.conf file..

My file is in /etc/apache2/sites-enabled/nagios.conf

Code: Select all



ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"

<Directory "/usr/local/nagios/sbin">
#  SSLRequireSSL
   Options ExecCGI
   AllowOverride None
   Allow from all
   Order allow,deny

  AuthLDAPBindDN "CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com"
  AuthLDAPBindPassword "Admin Password"
  AuthLDAPURL "ldap://192.168.X.X/CN=<<groupNameInServer>,DC=<<ldapserver>>,DC=com?sAMAccountName?sub?(objectClass=*)"
  AuthType Basic
  AuthName "Nagios Authentication"
  AuthBasicProvider ldap
  AuthLDAPGroupAttributeIsDN on
  AuthLDAPGroupAttribute member
  Require ldap-group CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com
  Require valid-user
  Require all denied

</Directory>

Alias /nagios "/usr/local/nagios/share"

<Directory "/usr/local/nagios/share">
#  SSLRequireSSL
   Options None
   AllowOverride None
   Order allow,deny
   Allow from all

  AuthLDAPBindDN "CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com"
  AuthLDAPBindPassword "Admin Password"
  AuthLDAPURL "ldap://192.168.X.X/CN=<<groupNameInServer>,DC=<<ldapserver>>,DC=com?sAMAccountName?sub?(objectClass=*)"
  AuthType Basic
  AuthName "Nagios Authentication"
  AuthBasicProvider ldap
  AuthLDAPGroupAttributeIsDN on
  AuthLDAPGroupAttribute member
  Require ldap-group CN=<<groupNameInServer>>,DC=<<ldapserver>>,DC=com
  Require valid-user
  Require all denied
</Directory>

Re: LDAP Authentication

Posted: Mon Sep 23, 2019 9:29 am
by ssax
Please run this tail command (and leave it running):

Code: Select all

sudo tail -Fn0 /var/log/apache2/*.log
Then run the the auth attempt, once it fails, please send me the full output of the still running tail command.
All times are UTC-05:00
Page 2 of 2

Powered by phpBB® Forum Software © phpBB Limited