I: R: R: ldap authentication
Marco Borsani
m.borsani at it.net
Wed Apr 27 17:01:59 CEST 2005
Well,
right now I write file .htaccess like this:
AuthName "Marco Nagios Access"
AuthType Basic
AuthLDAPEnabled on
AuthLDAPURL ldap://ldapma.intra.it.net:389/ou=staff,o=it.net
require valid-user
on web server (nagios) I have this error message:
[Wed Apr 27 12:18:34 2005] [warn] [client 10.212.0.9] [6197] auth_ldap
authenticate: user m.borsani authentication failed; URI / [User not
found][No such object]
but , on ldap server I see this log
27/Apr/2005:12:40:17 +0200] conn=8858 op=8 SRCH base="ou=staff,o=it.net"
scope=2 filter="(&(objectclass=*)(uid=m.borsani))"
[27/Apr/2005:12:40:17 +0200] conn=8858 op=8 RESULT err=0 tag=101 nentries=0
etime=0
Any idea ?
Marco
-}-----Messaggio originale-----
-}Da: nagios-users-admin at lists.sourceforge.net
-}[mailto:nagios-users-admin at lists.sourceforge.net]Per conto di guillaume
-}LOHEZ
-}Inviato: mercoledì 27 aprile 2005 10.56
-}A: nagios-users at lists.sourceforge.net
-}Oggetto: Re: R: R: [Nagios-users] ldap authentication
-}
-}
-}Yes, they are needed...
-}Maybe, you can remove lines: AuthLDAPBindDn and AuthLDAPBindPassword if
-}your ldap server doesn't need to be authentified to browse it.
-}
-}You should replace the "requiere group" by a "require valid-user" so
-}apache has just to match login/passwd the grant access !!
-}As it is done in the standard .htaccess of Nagios with the file
-}htpasswd.users
-}
-}All chars are OK
-}"," are to specify the dn
-}"?" are to separate fields for search
-}"*" is to tell apache to look for any objectclass
-}
-}Regards
-}Guillaume
-}
-}
-}
-}Marco Borsani a écrit :
-}
-}>Are all fields necessary ?
-}>For example: if I don't use TFTP I won't write last raw "require
-}group...."?
-}>I know only first two (AuthName and AuthType).
-}>
-}>The char "?", "(", "*" and ")" are real or depend on the "cut and paste"?
-}>
-}>sorry about this questions but I am newbie on apache and ldap!
-}>
-}>
-}>Marco
-}>
-}>-}-----Messaggio originale-----
-}>-}Da: nagios-users-admin at lists.sourceforge.net
-}>-}[mailto:nagios-users-admin at lists.sourceforge.net]Per conto di guillaume
-}>-}LOHEZ
-}>-}Inviato: mercoledì 27 aprile 2005 10.24
-}>-}A: nagios-users at lists.sourceforge.net
-}>-}Oggetto: Re: R: [Nagios-users] ldap authentication
-}>-}
-}>-}
-}>-}Here is a little example
-}>-}Not especially for Nagios but example for LDAPAuth with Apache 2 !!
-}>-}
-}>-} AuthName "Acces TFTPD"
-}>-} AuthType Basic
-}>-} AuthLDAPEnabled on
-}>-} AuthLDAPBindDN "cn=visu,o=europa,dc=net"
-}>-} AuthLDAPBindPassword "someverysecretpassword"
-}>-} AuthLDAPURL
-}>-}ldap://intranet.pointcom.fr:389/ou=utilisateurs,o=europa,dc=net?ui
-}>-}d?sub?(objectClass=*)
-}>-} require group cn=acces_tftpd,ou=apache,o=europa,dc=net
-}>-}
-}>-}Some comments:
-}>-} - Name of the auth
-}>-} - type of the auth
-}>-} - enable ldap
-}>-} - a dn which have read access to the LDAP base
-}>-} - the password of this dn
-}>-} - the url : the name of the server, the port, the dn where your
-}>-}users resides, what your are looking for (uid), if the query is
-}>-}recursive or not (sub) and any objectclass
-}>-} - what the auth require to grant acces (if the login and passwd
-}>-}match), here the user needs to be in the group acces_tftpd
-}>-}
-}>-}I hope, it will help you and some other guys here !! ;-)
-}>-}
-}>-}Regards
-}>-}Guillaume
-}>-}
-}>-}
-}>-}Marco Borsani a écrit :
-}>-}
-}>-}>Yes, If you colud send me some examples should be great!
-}>-}>
-}>-}>My apache server support ldap so, probably, I don't need to install
-}>-}>"libapache-ldapauth or something like that", but I have not idea :
-}>-}>- how to change .htaccess
-}>-}>- ..others changes to perform on Nagios
-}>-}>- setting ldap.conf in Apache (probably just a line like this
-}>-}"AuthLDAPURL
-}>-}>ldap://hostname:389/ou=group,o=org.net")
-}>-}>
-}>-}>Thank you
-}>-}>Marco
-}>-}>
-}>-}>-}-----Messaggio originale-----
-}>-}>-}Da: nagios-users-admin at lists.sourceforge.net
-}>-}>-}[mailto:nagios-users-admin at lists.sourceforge.net]Per conto
-}di guillaume
-}>-}>-}LOHEZ
-}>-}>-}Inviato: mercoledì 27 aprile 2005 9.59
-}>-}>-}A: nagios-users at lists.sourceforge.net
-}>-}>-}Oggetto: Re: [Nagios-users] ldap authentication
-}>-}>-}
-}>-}>-}
-}>-}>-}Hi,
-}>-}>-}
-}>-}>-}To use LDAP auth with Nagios:
-}>-}>-} - you have to install libapache-ldapauth or something like that
-}>-}>-} - change the .htaccess to point to your ldap server
-}>-}>-}Some configuration examples may be found on httpd.apache.org
-}>-}>-}You have to point to the ldap server, give a login/passwd if need to
-}>-}>-}bind to your ldap and specify the criteria to allow access
-}>-}>-}For example, if a user give the good login/passwd, he must be
-}>-}in a group
-}>-}>-}"nagios" for example to have access...
-}>-}>-}
-}>-}>-}If i remember, ldapauth for apache doesn't support ldaps !!
-}>-}>-}
-}>-}>-}I can send you config example if you want...
-}>-}>-}
-}>-}>-}Regards
-}>-}>-}Guillaume
-}>-}>-}
-}>-}>-}
-}>-}>-}Marco Borsani a écrit :
-}>-}>-}
-}>-}>-}>Hi all
-}>-}>-}>
-}>-}>-}>I have installed an Apache that support the LDAP authentication.
-}>-}>-}>
-}>-}>-}>May I configure Nagios to use an LDAP server to view the
-}>-}WEB/CGI pages?
-}>-}>-}>
-}>-}>-}>I read the manual "NAGIOS Version 1.0 Documentaion" but it
-}>-}>-}explains only how
-}>-}>-}>to use the htpasswd.user file.
-}>-}>-}>
-}>-}>-}>regards
-}>-}>-}>
-}>-}>-}>Marco
-}>-}>-}>
-}>-}>-}>
-}>-}>-}>
-}>-}>-}>-------------------------------------------------------
-}>-}>-}>SF.Net email is sponsored by: Tell us your software
-}development plans!
-}>-}>-}>Take this survey and enter to win a one-year sub to SourceForge.net
-}>-}>-}>Plus IDC's 2005 look-ahead and a copy of this survey
-}>-}>-}>Click here to start!
-}http://www.idcswdc.com/cgi-bin/survey?id=105hix
-}>-}>-}>_______________________________________________
-}>-}>-}>Nagios-users mailing list
-}>-}>-}>Nagios-users at lists.sourceforge.net
-}>-}>-}>https://lists.sourceforge.net/lists/listinfo/nagios-users
-}>-}>-}>::: Please include Nagios version, plugin version (-v) and OS
-}>-}>-}when reporting any issue.
-}>-}>-}>::: Messages without supporting info will risk being sent
-}to /dev/null
-}>-}>-}>
-}>-}>-}>
-}>-}>-}>
-}>-}>-}
-}>-}>-}
-}>-}>-}--
-}>-}>-}Guillaume LOHEZ
-}>-}>-}Administrateur Systemes & Reseaux
-}>-}>-}Portable: +33 (0)6 72 23 20 16
-}>-}>-}E-mail: guillaume.lohez at linagora.com
-}>-}>-}------------------------------------
-}>-}>-}LINAGORA
-}>-}>-}30 Rue Saint Augustin, PARIS 2eme
-}>-}>-}Telephone: +33 (0)1 58 18 68 28
-}>-}>-}
-}>-}>-}
-}>-}>-}
-}>-}>-}
-}>-}>-}-------------------------------------------------------
-}>-}>-}SF.Net email is sponsored by: Tell us your software
-}development plans!
-}>-}>-}Take this survey and enter to win a one-year sub to SourceForge.net
-}>-}>-}Plus IDC's 2005 look-ahead and a copy of this survey
-}>-}>-}Click here to start! http://www.idcswdc.com/cgi-bin/survey?id5hix
-}>-}>-}_______________________________________________
-}>-}>-}Nagios-users mailing list
-}>-}>-}Nagios-users at lists.sourceforge.net
-}>-}>-}https://lists.sourceforge.net/lists/listinfo/nagios-users
-}>-}>-}::: Please include Nagios version, plugin version (-v) and OS
-}>-}>-}when reporting any issue.
-}>-}>-}::: Messages without supporting info will risk being sent
-}to /dev/null
-}>-}>
-}>-}>
-}>-}>
-}>-}>
-}>-}
-}>-}
-}>-}--
-}>-}Guillaume LOHEZ
-}>-}Administrateur Systemes & Reseaux
-}>-}Portable: +33 (0)6 72 23 20 16
-}>-}E-mail: guillaume.lohez at linagora.com
-}>-}------------------------------------
-}>-}LINAGORA
-}>-}30 Rue Saint Augustin, PARIS 2eme
-}>-}Telephone: +33 (0)1 58 18 68 28
-}>-}
-}>-}
-}>-}
-}>-}
-}>-}-------------------------------------------------------
-}>-}SF.Net email is sponsored by: Tell us your software development plans!
-}>-}Take this survey and enter to win a one-year sub to SourceForge.net
-}>-}Plus IDC's 2005 look-ahead and a copy of this survey
-}>-}Click here to start! http://www.idcswdc.com/cgi-bin/survey?id5hix
-}>-}_______________________________________________
-}>-}Nagios-users mailing list
-}>-}Nagios-users at lists.sourceforge.net
-}>-}https://lists.sourceforge.net/lists/listinfo/nagios-users
-}>-}::: Please include Nagios version, plugin version (-v) and OS
-}>-}when reporting any issue.
-}>-}::: Messages without supporting info will risk being sent to /dev/null
-}>
-}>
-}>
-}>
-}
-}
-}--
-}Guillaume LOHEZ
-}Administrateur Systemes & Reseaux
-}Portable: +33 (0)6 72 23 20 16
-}E-mail: guillaume.lohez at linagora.com
-}------------------------------------
-}LINAGORA
-}30 Rue Saint Augustin, PARIS 2eme
-}Telephone: +33 (0)1 58 18 68 28
-}
-}
-}
-}
-}-------------------------------------------------------
-}SF.Net email is sponsored by: Tell us your software development plans!
-}Take this survey and enter to win a one-year sub to SourceForge.net
-}Plus IDC's 2005 look-ahead and a copy of this survey
-}Click here to start! http://www.idcswdc.com/cgi-bin/survey?id5hix
-}_______________________________________________
-}Nagios-users mailing list
-}Nagios-users at lists.sourceforge.net
-}https://lists.sourceforge.net/lists/listinfo/nagios-users
-}::: Please include Nagios version, plugin version (-v) and OS
-}when reporting any issue.
-}::: Messages without supporting info will risk being sent to /dev/null
-------------------------------------------------------
SF.Net email is sponsored by: Tell us your software development plans!
Take this survey and enter to win a one-year sub to SourceForge.net
Plus IDC's 2005 look-ahead and a copy of this survey
Click here to start! http://www.idcswdc.com/cgi-bin/survey?id5hix
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list