Cannot import LDAP users

Posted: Thu Nov 15, 2018 3:59 pm
by BackNBlack
I have checked the No Users returned section of this document: https://support.nagios.com/kb/article/a ... n-600.html for help but am still unable to get any users to show up on the import users page.

I am using Nagios XI v5.5.3 in a CentOS 6.9 environment with Redhat 389 LDAP server.

 X  Enable this authentication server
 Connection Method: LDAP
 Base DN: dc=test,dc=xxx,dc=net
 LDAP Host: 192.168.xx.xx
 LDAP Port: 389
 Security: None

The only way I could get it to connect is by using my DN: uid=user,ou=People,dc=test,dc=xxx,dc=net

I can see the records using ldapsearch with this account.

dn: uid=user,ou=People,dc=test,dc=xxx,dc=net
memberOf: cn=xxx-adm,ou=groups,dc=test,dc=xxx,dc=net
givenName: user
sn: user
loginShell: /bin/bash
gidNumber: 1000
uidNumber: 116512
mail: [email protected]
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: posixAccount
objectClass: inetuser
uid: user
gecos: user user
cn: user user

Any help would be greatly appreciated.

Re: Cannot import LDAP users

Posted: Thu Nov 15, 2018 4:11 pm
by cdienger
With LDAP the DN must be used but with AD you can just use the username. Are you saying no users are returned even if you use the DN? If so, I'd like to see a tcpdump taken while trying to use the import tool:

yum -y install tcpdump
tcpdump -s 0 -i any port 389 -w output.pcap


Let this run while you go to the import tool, log in, and stop the tcpdump with CTRL+C as soon as the search for users fails. The tcpdump will contain sensitive info so please PM it to me and @Nagios Support or open a ticket with it at support.nagios.com/tickets/
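
Why a capture like this is sensitive, as an added example that is not part of the thread or of Nagios XI: with "Security: None", an LDAP simple bind travels on port 389 unencrypted, so the bind DN and password sit in the pcap as plain BER fields (RFC 4511). The function names, the sample bytes and the password below are constructed for illustration.

```python
# Added example: decode an LDAP simple BindRequest (RFC 4511) from TCP payload bytes.

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4:
            raise ValueError("unsupported BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def parse_simple_bind(payload):
    """Return {'dn', 'password'} if payload is a simple BindRequest, else None."""
    try:
        tag, msg, _ = read_tlv(payload, 0)          # LDAPMessage SEQUENCE
        if tag != 0x30:
            return None
        tag, _msg_id, pos = read_tlv(msg, 0)        # messageID INTEGER
        op_tag, op, _ = read_tlv(msg, pos)          # protocolOp
        if tag != 0x02 or op_tag != 0x60:           # 0x60 = [APPLICATION 0] BindRequest
            return None
        ver_tag, _version, pos = read_tlv(op, 0)
        dn_tag, dn, pos = read_tlv(op, pos)
        auth_tag, cred, _ = read_tlv(op, pos)
    except (IndexError, ValueError):
        return None
    if (ver_tag, dn_tag, auth_tag) != (0x02, 0x04, 0x80):   # 0x80 = simple auth; SASL is 0xA3
        return None
    return {"dn": dn.decode("utf-8", "replace"), "password": cred.decode("utf-8", "replace")}

def tlv(tag, value):
    """Encode one short-form BER element (used only to build the constructed sample)."""
    assert len(value) < 128
    return bytes([tag, len(value)]) + value

# Constructed sample: the bind the import tool would send with "Security: None".
SAMPLE_DN = b"uid=user,ou=People,dc=test,dc=xxx,dc=net"
SAMPLE_BIND = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x60,
    tlv(0x02, b"\x03") + tlv(0x04, SAMPLE_DN) + tlv(0x80, b"constructed-secret")))

if __name__ == "__main__":
    found = parse_simple_bind(SAMPLE_BIND)
    print("bind DN:", found["dn"], "| cleartext password bytes:", len(found["password"]))
```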

Re: Cannot import LDAP users

Posted: Fri Nov 16, 2018 9:11 am
by BackNBlack
Sorry, I do not know how to PM you. I clicked on the link in this message and it sends me to a search screen. I can go to both cdienger and Nagios Support profiles page and there are no links to issue a PM.

Re: Cannot import LDAP users

Posted: Fri Nov 16, 2018 11:16 am
by cdienger
No problem. Just click on my username and then you should get a screen with a link to PM me. You can add additional people if needed. I try to suggest sending data to @Nagios Support as well in case I'm not here, but I should still be here if you send it today :)

Re: Cannot import LDAP users

Posted: Fri Nov 16, 2018 11:41 am
by BackNBlack
Thanks, I'm pretty sure that link was not there before when I tried. Also, when I go to the Nagios Support profile it does not have a link to PM. Also, looks like my PM is in my outbox, shouldn't it be in the Sent folder? Let's wait and see if that changes.

Re: Cannot import LDAP users

Posted: Fri Nov 16, 2018 3:15 pm
by cdienger
Responded to the PM.

Re: Cannot import LDAP users

Posted: Mon Nov 19, 2018 7:24 am
by BackNBlack
I forgot to mention that I get a response from the LDAP server; it shows some folders but not anything in those folders. I have attached a screenshot.

Re: Cannot import LDAP users

Posted: Mon Nov 19, 2018 12:22 pm
by cdienger
The tcpdump shows a successful bind and that it was able to find the objects on the right, but there isn't a search to find objects within those. You'll need to select Groups, People, Special Users, or nsAccountInactivationTmp before you'll see users.

Re: Cannot import LDAP users

Posted: Mon Nov 19, 2018 12:52 pm
by BackNBlack
I did try selecting each one in turn. Nothing happened upon any selection. Is there some sort of Flash or Pop Up setting that is causing this? I will PM you another TCP dump of the try I just did.

Re: Cannot import LDAP users

Posted: Mon Nov 19, 2018 2:28 pm
by cdienger
The tcpdump shows a search in "Special Users" but nothing is getting returned. Does your user have access to drill down into this OU? Is there another admin account you can test with? I'd like to see another tcpdump gathered when you try to drill into "People" since we know there should be items in there.