Can login to Nagios XI but not in NagVis (AD)

fogier · Post by **fogier** » Fri Jul 13, 2012 1:31 am

We're working with a Nagios XI 2011R2.4 prebuilt vm and use Active Directory (AD) authentication. We've created a bunch of users and all of these users can login to Nagios. We then let users login to NagVis. After they did that we (admins) can give them a role so they get the permissions they need. However, there are 2 users who can't login to NagVis (they CAN login to Nagios). All others users don't have problems.

We can't reproduce the problem with testusers. We also deleted the nagios accounts and recreated them for these AD-accounts but they still can't login.

scottwilkerson · Post by **scottwilkerson** » Fri Jul 13, 2012 9:42 am

NagVis uses basic authentication using the file set in its apache conf, and not LDAP.

If the users were created in XI with the correct password they would work, but if their LDAP password is different it will fail.

fogier · Post by **fogier** » Wed Jul 18, 2012 12:16 am

We've activated "Active Directory integration".

Account suffix: @dmdelft01.root.lan
Base DN: DC=dmdelft01,DC=root,DC=lan
Domain Controllers": 3 servers with their FQDN seperated by a comma
Security = None

I've added 15 accounts in Nagios and never set a password for those accounts. All of users can login to Nagios AND Nagvis using their AD-accounts. But 2 users can only login to Nagios and NOT in Nagvis. Even when I delete the 2 accounts en recreate them, they cannot login to NagVis.

scottwilkerson · Post by **scottwilkerson** » Wed Jul 18, 2012 9:41 am

One thing to note, have these users logged into XI Yet?

Their password will get set in NagVis the first time they login to XI through the web interface

fogier · Post by **fogier** » Thu Jul 19, 2012 12:36 am

Yes, all the users first login to Nagios XI and then to NagVis.
Just tried it in our test enviroment and the same problem occurs. Nagios XI works, NagVis don't.

scottwilkerson · Post by **scottwilkerson** » Thu Jul 19, 2012 10:10 am

Can you verify that in your /etc/httpd/conf.d/nagvis.conf you have the following line exactly

Code: Select all

AuthUserFile /usr/local/nagiosxi/etc/htpasswd.users

fogier · Post by **fogier** » Fri Jul 20, 2012 12:48 am

Yes, this line is present:

AuthUserFile /usr/local/nagiosxi/etc/htpasswd.users

scottwilkerson · Post by **scottwilkerson** » Fri Jul 20, 2012 1:56 pm

Can you verify the permissions of the file

Code: Select all

ls -l /usr/local/nagiosxi/etc/htpasswd.users

Also can you run the following to verify the username for these users are in there

Code: Select all

cat /usr/local/nagiosxi/etc/htpasswd.users

fogier · Post by **fogier** » Thu Jul 26, 2012 8:19 am

permissions
-rw-r--r--. 1 nagios apache 385 Jul 26 15:05 /usr/local/nagiosxi/etc/htpasswd.users

All users show in the htpasswd.users except the 2 users whom can login to Nagios but can't login to NagVis.
A testaccount works perfectly.

scottwilkerson · Post by **scottwilkerson** » Thu Jul 26, 2012 9:23 am

Are we sure these users have logged into XI and went through the license page?

To get you going, you can manually add them to the file with the following command

Code: Select all

htpasswd -b /usr/local/nagiosxi/etc/htpasswd.users <USERNAME> <PASSWORD>

Nagios Support Forum

Can login to Nagios XI but not in NagVis (AD)

Can login to Nagios XI but not in NagVis (AD)

Re: Can login to Nagios XI but not in NagVis (AD)

Re: Can login to Nagios XI but not in NagVis (AD)

Re: Can login to Nagios XI but not in NagVis (AD)

Re: Can login to Nagios XI but not in NagVis (AD)

Re: Can login to Nagios XI but not in NagVis (AD)

Re: Can login to Nagios XI but not in NagVis (AD)

Re: Can login to Nagios XI but not in NagVis (AD)

Re: Can login to Nagios XI but not in NagVis (AD)

Re: Can login to Nagios XI but not in NagVis (AD)