RHEL 7 Active Directory/LDAP Integration
Posted: Tue Apr 28, 2020 4:33 pm
FYI, it appears the instructions for configuring AD/LDAP integration using SSL are incorrect (https://assets.nagios.com/downloads/nag ... d-LDAP.pdf) for RHEL 7 (we are on 7.8). The instructions state that the certificate authority certificate should be copied to /etc/openldap/cacerts (along with several steps to get to that point). The same steps are performed if you use the Web Site (Admin -> LDAP/AD Integration - Add Certificate). However, after performing these steps and verifying the correct certificate was included, I still could not add users from Active Directory.
In order to make it work, I had to copy the CA certificate to "/etc/pki/ca-trust/source/anchors" and run the "update-ca-trust" command to update the CA trust store. After performing these steps I was able to authenticate to the AD servers. Also note that "ldapsearch" would not connect to AD without this change.
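Added example, not part of the original post or of the Nagios documentation: a shell check that reports whether a given CA certificate is already in the system trust bundle, which is useful before and after running update-ca-trust. The function names, the script name check-ca.sh and the default bundle path (the PEM bundle update-ca-trust regenerates on RHEL 7) are assumptions of this example.

```shell
#!/bin/sh
# Added example: is a CA certificate present in a PEM trust bundle?
# Certificates are compared by SHA-256 fingerprint.

# Assumed default: the PEM bundle that update-ca-trust regenerates on RHEL 7.
BUNDLE_DEFAULT=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem

# Print the SHA-256 fingerprint of the first certificate in PEM file $1.
cert_fp() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null | cut -d= -f2
}

# Print one fingerprint per certificate in PEM bundle $1.
bundle_fps() {
    _tmp=$(mktemp -d) || return 1
    # Split the bundle into one file per certificate.
    awk -v d="$_tmp" '
        /-----BEGIN CERTIFICATE-----/ { if (f) close(f); f = d "/" (++n) ".pem" }
        f { print > f }' "$1"
    for _c in "$_tmp"/*.pem; do
        if [ -e "$_c" ]; then cert_fp "$_c"; fi
    done
    rm -rf "$_tmp"
}

# Return 0 if the CA in $1 is in bundle $2, 1 if not, 2 if $1 is unreadable.
ca_in_bundle() {
    _fp=$(cert_fp "$1")
    if [ -z "$_fp" ]; then
        echo "cannot read certificate: $1" >&2
        return 2
    fi
    if bundle_fps "${2:-$BUNDLE_DEFAULT}" | grep -xF "$_fp" >/dev/null; then
        return 0
    fi
    return 1
}

# Usage: sh check-ca.sh CA.pem [bundle.pem]
if [ "$#" -ge 1 ]; then
    rc=0
    ca_in_bundle "$@" || rc=$?
    case $rc in
        0) echo "CA found in trust bundle" ;;
        1) echo "CA not in trust bundle; add it to /etc/pki/ca-trust/source/anchors and run update-ca-trust" ;;
    esac
    exit "$rc"
fi
```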