Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Nagios Giving 500 Server error after ldap integration

https://support.nagios.com/forum/viewtopic.php?t=36421

Page 1 of 1

Nagios Giving 500 Server error after ldap integration

Posted: Mon Jan 04, 2016 3:15 pm
by csayre
Hello,

I am having an issue authenticating with Nagios after setting up ldap. I was hoping that some one could help me out.

/etc/httpd/conf.d/nagios

Code: Select all

# SAMPLE CONFIG SNIPPETS FOR APACHE WEB SERVER
#
# This file contains examples of entries that need
# to be incorporated into your Apache web server
# configuration file.  Customize the paths, etc. as
# needed to fit your system.

ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"

<Directory "/usr/local/nagios/sbin">
   SSLRequireSSL
   Options ExecCGI
   AllowOverride None
   Order allow,deny
   Allow from all
#  Order deny,allow
#  Deny from all
#  Allow from 127.0.0.1
#   AuthName "Nagios Access"
#   AuthType Basic
#   AuthUserFile /usr/local/nagios/etc/htpasswd.users
  Options FollowSymLinks
  AuthBasicProvider ldap
  AuthType Basic
  AuthName "Active Directory Login"
  AuthLDAPURL "ldap://10.2.70.10:3268/DC=dc,DC=Internal?sAMAccountName?sub" NONE
  AuthLDAPBindDN "[email protected]"
  AuthLDAPBindPassword pass
   Require valid-user
</Directory>

Alias /nagios "/usr/local/nagios/share"

<Directory "/usr/local/nagios/share">
   SSLRequireSSL
   Options None
   AllowOverride None
   Order allow,deny
   Allow from all
#  Order deny,allow
#  Deny from all
#  Allow from 127.0.0.1
#   AuthName "Nagios Access"
#   AuthType Basic
#   AuthUserFile /usr/local/nagios/etc/htpasswd.users
  Options FollowSymLinks
  AuthBasicProvider ldap
  AuthType Basic
  AuthName "Active Directory Login"
  AuthLDAPURL "ldap://10.2.70.10:3268/DC=dc,DC=Internal?sAMAccountName?sub" NONE
  AuthLDAPBindDN "[email protected]"
  AuthLDAPBindPassword pass
  Require valid-user
</Directory>
I do have ssl enabled on this server.

Please let me know if you need anything else.

Thanks for your help.

Re: Nagios Giving 500 Server error after ldap integration

Posted: Mon Jan 04, 2016 4:49 pm
by rkennedy
What version of Core are you running? Also, what distro / version of linux?

What instructions did you follow to set up LDAP with Core?

Re: Nagios Giving 500 Server error after ldap integration

Posted: Mon Jan 04, 2016 4:52 pm
by csayre
Latest version of core 4.1.1 and centos7.

Re: Nagios Giving 500 Server error after ldap integration

Posted: Mon Jan 04, 2016 4:53 pm
by csayre
http://wellsie.net/p/380/ instructions for ldap, I did have to remove this line: AuthzLDAPAuthoritative off

It was creating errors when starting httpd.

Re: Nagios Giving 500 Server error after ldap integration

Posted: Tue Jan 05, 2016 1:42 pm
by scottwilkerson
Do you have mod_ldap installed?

Code: Select all

yum -y install mod_ldap
service httpd restart
What errors are you getting in the apache error log?

Re: Nagios Giving 500 Server error after ldap integration

Posted: Thu Jan 07, 2016 9:26 am
by csayre
Package mod_ldap-2.4.6-40.el7.centos.x86_64 already installed and latest version


/var/log/error_log

Code: Select all

AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using localhost.localdomain. Set the 'ServerName' directive globally to suppress this message
[Mon Jan 04 14:52:54.388917 2016] [auth_digest:notice] [pid 8492] AH01757: generating secret for digest authentication ...
[Mon Jan 04 14:52:54.389489 2016] [lbmethod_heartbeat:notice] [pid 8492] AH02282: No slotmem from mod_heartmonitor
[Mon Jan 04 14:52:54.390240 2016] [ssl:warn] [pid 8492] AH01909: RSA certificate configured for IYS-ROA-Nagios01:443 does NOT include an ID which matches the server name
[Mon Jan 04 14:52:54.390311 2016] [ssl:warn] [pid 8492] AH02292: Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Mon Jan 04 14:52:54.403387 2016] [mpm_prefork:notice] [pid 8492] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.16 configured -- resuming normal operations
[Mon Jan 04 14:52:54.403409 2016] [core:notice] [pid 8492] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
I do get prompted for username and password after I enter that I get the 500 error page.

Re: Nagios Giving 500 Server error after ldap integration

Posted: Thu Jan 07, 2016 11:29 am
by rkennedy
There may be more information in your ssl_error_log as you mentioned a SSL setup. Can you attempt to login, and then post the output to these 4 commands?

Code: Select all

tail -n50 /var/log/httpd/ssl_error_log
tail -n50 /var/log/httpd/ssl_access_log
tail -n50 /var/log/httpd/error_log
tail -n50 /var/log/httpd/access_log
Was SSL working fine prior to this?
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited