Page 1 of 1
problem authenticating with AD integration
Posted: Thu Nov 14, 2019 1:04 pm
by benhank
Hi guys I am having a problem adding new AD servers to nagios.
The service account that is used to import users works on the old domain, but not on the new.
Also when I go to admin/manage users and change my personal account from the old domain and point it to the new and try to log into nagios I get an error stating :
Capture.PNG
When I try to use the service account I get this error:
Capture2.PNG
and finally I believe that I have configured the new servers correctly:
Capture3.PNG
Re: problem authenticating with AD integration
Posted: Thu Nov 14, 2019 5:59 pm
by benjaminsmith
Hi Ben,
Let's turn on debugging, try authenticating again post the Apache logs so we can get a better understanding of what's happening.
To enable debugging.
1. Open the file in vi by executing the following command:
Code: Select all
/usr/local/nagiosxi/html/includes/components/ldap_ad_integration/ldap_ad_integration.inc.php
2. Make the change as per the following example:
Code: Select all
function create_auth_conn_obj($server_id='')
{
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
// Get our settings
3. Tail the log
Code: Select all
tail -f /var/log/httpd/error_log /var/log/httpd/ssl_error_log
Reference:
Active Directory / LDAP - Troubleshooting Authentication Integration
Re: problem authenticating with AD integration
Posted: Mon Dec 02, 2019 1:55 pm
by benhank
Hey fellas I'm not seeing the option in the file. Ive included a copy of my file. Also, I changed the cert I was using but now I get a different error:
Capture.PNG
Re: problem authenticating with AD integration
Posted: Mon Dec 02, 2019 3:38 pm
by ssax
Which version of XI is this one?
There was a recent bugfix that could be related to this.
Please enable debug logging by following this KB article:
- You will need to add that line, it doesn't exist
https://support.nagios.com/kb/article/a ... n-600.html
Then run this tail command (use this one instead of the guide and leave it running):
Code: Select all
tail -Fn0 /var/log/httpd/error_log /var/log/httpd/ssl_error_log
Then try to authenticate again and send me the entire output of the tail command above so that I can see what is occurring.
Re: problem authenticating with AD integration
Posted: Mon Dec 02, 2019 4:49 pm
by benhank
we are running version Nagios XI 5.4.12 . Ill run the commands you suggested and get back to you.
Re: problem authenticating with AD integration
Posted: Mon Dec 02, 2019 5:04 pm
by ssax
Please see followup PM requesting additional info, this looks like a cert issue now.