Authenticating users to Nagios Externally
Neil
neil-on-nagios at restricted.dyndns.org
Tue Oct 19 00:08:46 CEST 2004
Actually, I can configure apache to use Secure LDAP. It's going to use
another port other than 389. You know what, I am going to sniff the traffic
between my workstation and apache but not Apache and LDAP since we already
know it is insecure.
I'll do some modifications within the month. :)
Thanks,
fmml at cedval.org writes:
> That is very nice, but if your are not using https (SSL), aren't your
> passwords going out in clear text on the wire?
>
> Francois
>
>> Hi Josh,
>>
>> Solution can be similar to mine. I recompiled our apache with LDAP
>> support.
>> Now, authentication is redirected to our Windows 2000 DC machine.
>>
>> here is my entry in httpd.conf:
>>
>> ScriptAlias /nagios/cgi-bin/ /usr/local/nagios/sbin/
>> <Directory "/usr/local/nagios/sbin/">
>> AllowOverride AuthConfig
>> Options ExecCGI Indexes FollowSymLinks
>> Order allow,deny
>> Allow from all
>> AuthName "ADS Nagios"
>> AuthType Basic
>> LDAP_Server 10.133.133.5
>> LDAP_Port 389
>> Base_DN "OU=People,OU=ADS Users,DC=us,DC=ads,DC=internal"
>> Bind_DN "CN=svc_AppDeliveryServ,OU=Service
>> Accounts,OU=DataCenter,DC=us,DC=ads,DC=internal"
>> Bind_Pass "ha24sdf1"
>> UID_Attr cn
>> require valid-user
>> </Directory>
>>
>> Alias /nagios/ /usr/local/nagios/share/
>> Alias /nagios /usr/local/nagios/share/
>> <Directory "/usr/local/nagios/share">
>> Options None
>> AllowOverride AuthConfig
>> Order allow,deny
>> Allow from all
>> AuthName "ADS Nagios"
>> AuthType Basic
>> LDAP_Server 10.133.133.5
>> LDAP_Port 389
>> Base_DN "OU=People,OU=ADS Users,DC=us,DC=ads,DC=internal"
>> Bind_DN "CN=svc_AppDeliveryServ,OU=Service
>> Accounts,OU=DataCenter,DC=us,DC=ads,DC=internal"
>> Bind_Pass "ha24sdf1"
>> UID_Attr cn
>> require valid-user
>> </Directory>
>>
>> Lastly, this is very important:
>>
>> You have to edit cgi.cfg. You will add the authorized usernames there
>>
>>
>>
>> Samba writes:
>>
>>> We use an application called SiteMinder which protects all of our web
>>> servers. I have the ability to protect our Nagios server with this
>>> application and authenticate them before they get to the web server.
>>> What I
>>> would like to do is take the authenticated user's ID and pass that into
>>> Nagios.
>>>
>>> Any help is appreciated !!
>>>
>>> Josh Konkol, CCSE CNE MCSE
>>> Technical Research Specialist
>>> .~. GuideOne Insurance
>>> /V\
>>> /( )\
>>> ^^-^^ samba at guidemail.com
>>>
>>>
>>> This message and accompanying documents are covered by the Electronic
>>> Communications Privacy Act, 18 U.S.C. §§ 2510-2521, and contains
>>> information
>>> intended for the specified individual(s) only. This information is
>>> confidential. If you are not the intended recipient or an agent
>>> responsible
>>> for delivering it to the intended recipient, you are hereby notified
>>> that
>>> you have received this document in error and that any review,
>>> dissemination,
>>> copying, or the taking of any action based on the contents of this
>>> information is strictly prohibited. If you have received this
>>> communication
>>> in error, please notify us immediately by e-mail, and delete the
>>> original
>>> message.
>>>
>>>
>>> -------------------------------------------------------
>>> This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
>>> Use IT products in your business? Tell us what you think of them. Give
>>> us
>>> Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out
>>> more
>>> http://productguide.itmanagersjournal.com/guidepromo.tmpl
>>> _______________________________________________
>>> Nagios-users mailing list
>>> Nagios-users at lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/nagios-users
>>> ::: Please include Nagios version, plugin version (-v) and OS when
>>> reporting any issue.
>>> ::: Messages without supporting info will risk being sent to /dev/null
>>
>>
>>
>> -------------------------------------------------------
>> This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
>> Use IT products in your business? Tell us what you think of them. Give us
>> Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out
>> more
>> http://productguide.itmanagersjournal.com/guidepromo.tmpl
>> _______________________________________________
>> Nagios-users mailing list
>> Nagios-users at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/nagios-users
>> ::: Please include Nagios version, plugin version (-v) and OS when
>> reporting any issue.
>> ::: Messages without supporting info will risk being sent to /dev/null
>>
>>
>>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
> Use IT products in your business? Tell us what you think of them. Give us
> Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
> http://productguide.itmanagersjournal.com/guidepromo.tmpl
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list