Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Active Directory Integration

https://support.nagios.com/forum/viewtopic.php?t=1585

Page 1 of 1

Active Directory Integration

Posted: Wed Feb 02, 2011 10:45 pm
by Box293
Great work on the AD Component. I've just added it to our 2009R1.4 server and all is working well :mrgreen:

Suggestion 1:
  • Allow the adding of multiple Base DN's
    We have a single active directory for multiple clients so it would be handy to be able to specify multiple OU's
    We can work around this by configuring the BASE DN higher up in the tree
    The SonicWALL Firewalls are an example of a device that allows this
    However we don't have clients at the moment who want to look at their monitoring data so it's not something we need, just a suggestion
Suggestion 2:
  • It would be good to be able to use this to authenticate when logging into Core Configuration Manager
One thing I cannot get working is the SSL Security mode. When I set it to SSL it does not let me logon. The domain controller produces this message in the System event log:

Code: Select all

Log Name:      System
Source:        Schannel
Date:          3/02/2011 2:22:14 PM
Event ID:      36887
Task Category: None
Level:         Error
Keywords:      
User:          SYSTEM
Computer:      xxx.yyy.local
Description:
The following fatal alert was received: 48.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" />
    <EventID>36887</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2011-02-03T03:22:14.731816600Z" />
    <EventRecordID>11204</EventRecordID>
    <Correlation />
    <Execution ProcessID="512" ThreadID="1256" />
    <Channel>System</Channel>
    <Computer>xxx.yyy.local</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data Name="AlertDesc">48</Data>
  </EventData>
</Event>
The domain controller is a 2008 R2 Standard Edition server. Nagios XI 2009R1.4 running on a VMware VM on an ESXi 4.1 host.

When the Security mode is set to none everything works fine.

Once again, great work on the component. It's functionality that makes Nagios XI more appealing to the enterprise.

Re: Active Directory Integration

Posted: Thu Feb 03, 2011 10:54 am
by tonyyarusso
Allow the adding of multiple Base DN's
Makes sense. Would you be wanting to specify which one to use for each user, or just try their username within each until one worked or you ran out of DNs to try?
It would be good to be able to use this to authenticate when logging into Core Configuration Manager
Very true...I'll have to see if I can figure out a way to hook into that. Since most of that code comes from a third-party project that may be a bit trickier.
One thing I cannot get working is the SSL Security mode. When I set it to SSL it does not let me logon.
Hmm. I seem to remember having to do some fiddling on the server when setting this up, but I think that was all just in getting secured AD working in the first place. My testing was on Windows 2000 though, so perhaps I'll have to give it another go with something more recent.

Re: Active Directory Integration

Posted: Thu Feb 03, 2011 6:07 pm
by Box293
Makes sense. Would you be wanting to specify which one to use for each user, or just try their username within each until one worked or you ran out of DNs to try?
Just try their username within each until one worked or you ran out of DNs to try, otherwise it's just making it too complicated I think.

Re: Active Directory Integration

Posted: Wed Feb 09, 2011 3:28 pm
by tonyyarusso
Gotcha, I'll keep that in mind.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited