Nagios Support Forum

Hi -

Apparently check_http does not support NTLM authentication yet and the only plugin that I was able to get working with NTLM (check_http_ntlm) is severely lacking in other features (like string/regex matching).

Has there been any progression on this (getting NTLM working on check_http) or viable alternatives found?

Thanks in advance,

Tony

My profile below:

System:
Nagios XI Version : 2014R1.4
nwd2ng01.corp.analog.com 2.6.32-358.2.1.el6.x86_64 x86_64
CentOS release 6.5 (Final)
Gnome is not installed
Apache Information
PHP Version: 5.3.3
Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0
Server Name: nwd2ng01.corp.analog.com
Server Address: 10.64.52.120
Server Port: 80
Date/Time
PHP Timezone: America/New_York
PHP Time: Tue, 13 Jan 2015 15:38:04 -0500
System Time: Tue, 13 Jan 2015 15:38:04 -0500
Nagios XI Data
License ends in: MSTNQS

nagios (pid 16057) is running...
NPCD running (pid 1734).
ndo2db (pid 1809) is running...
CPU Load 15: 9.58
Total Hosts: 392
Total Services: 2982
Function 'get_base_uri' returns: http://nwd2ng01.corp.analog.com/nagiosxi/
Function 'get_base_url' returns: http://nwd2ng01.corp.analog.com/nagiosxi/
Function 'get_backend_url(internal_call=false)' returns: http://nwd2ng01.corp.analog.com/nagiosx ... rofile.php
Function 'get_backend_url(internal_call=true)' returns: http://localhost/nagiosxi/backend/
Ping Test localhost
Running:

/bin/ping -c 3 localhost 2>&1

PING localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.022 ms
64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.020 ms
64 bytes from localhost (127.0.0.1): icmp_seq=3 ttl=64 time=0.025 ms

--- localhost ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 0.020/0.022/0.025/0.004 ms
Test wget To localhost
WGET From URL: http://localhost/nagiosxi/includes/components/ccm/
Running:

/usr/bin/wget http://localhost/nagiosxi/includes/components/ccm/

--2015-01-13 15:38:06-- http://localhost/nagiosxi/includes/components/ccm/
Resolving localhost... ::1, 127.0.0.1
Connecting to localhost|::1|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: "/usr/local/nagiosxi/tmp/ccm_index.tmp"

0K ......... 567K=0.02s

2015-01-13 15:38:06 (567 KB/s) - "/usr/local/nagiosxi/tmp/ccm_index.tmp" saved [9666]

Not at this point, although provided the rest of my planning goes as expected there should be major changes sooner rather than later that would allow this. Currently properly implementing ntlm authentication would require some major work to check_http, however there are other plugins that would likely also benefit from it and a more agnostic implementation. Some other options that might work for you, would be the webinject plugin and the selenium integration. As far as I know, both should allow for ntlm and some very awesome use cases!

Not the answer I was hoping for, but I will do some additional reading on the two suggestions. Thank you. I thought I read webInject doesn't support NTLM either somewhere? Guess there's only one way to really find out.

I am honestly not 100% sure if webinject does support ntlm or not, however I strongly prefer selenium if I need to do transactional checks anyway. Selenium, if only because of the massive number of languages it can export into, should definitely support ntlm. Sorry about it not being the answer you were looking for, but I can promise that the changes are worth the wait, opposed to reinventing the wheel yet again on our side.