Using both NTLM and htpasswd file authentication for NAGIOS web interface

[Ayotunde Itayemi]

Hi All,

I would like to use both NTLM authentication and htpasswd authentication
to grant access to the NAGIOS web interface. If possible, authenticate
against Windows AD first, and if not successful, authenticate against
the apache htpasswd file (possibly use the htpasswd file like a
fall-back/default authentication mechanism).

 

My /etc/httpd/conf.d/nagios.conf file's content is listed below.  I
suspect I need to incorporate "AuthType Basic" in there somehow, but I
have tried various option (specifying the htppasswd file too, but I
usually end up with the authentication not functioning at all)

 

The first access dialog box has the text "Enter username and password
for http://mynagios" and if I enter a valid Windows AD credential, I get
logged in. If instead, I select cancel on this dialog box, I get a
second access dialog box with the text "A username and password are
being requested by http://znlnagios. The site says: "NAGIOS". If I
supply a valid Windows AD credential, I get logged in also.

 

This also brings me to a related issue, I cannot use the "Downtime"
module - and any other module by which I can submit a command. I get the
message that I am not authorized to submit the command to Nagios. Yet, I
have added the user (MYDOMAIN\username and also username) to the
relevant sections of the cgi.cgi file.

Thanks.

 

The content of /etc/httpd/conf.d/nagios.conf

# cat /etc/httpd/conf.d/nagios.conf

  NTLMAuth on

  NTLMAuthoritative on

  NTLMBasicAuth on

  NTLMBasicRealm NAGIOS

  AuthUserFile /usr/local/nagios/etc/htpasswd.users

  NTLMDomain MY-WINDOWS-DOMAIN

  NTLMLockfile /tmp/_my.lck

  NTLMServer my-winaddc1

  NTLMBackup my-winaddc2

  Require valid-user

#  Satisfy all

</Directory>

 

Alias /nagios "/usr/local/nagios/share"

 

<Directory "/usr/local/nagios/share">

  AuthName NTAuth

  AuthType NTLM

  NTLMAuth on

  NTLMAuthoritative on

  NTLMBasicAuth on

  NTLMBasicRealm NAGIOS

  AuthUserFile /usr/local/nagios/etc/htpasswd.users

  NTLMDomain MY-WINDOWS-DOMAIN

  NTLMLockfile /tmp/_my.lck

  NTLMServer my-winaddc1

  NTLMBackup my-winaddc2

  Require valid-user

  Satisfy all

</Directory>

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20090523/4e3d66ab/attachment.html>
-------------- next part --------------
------------------------------------------------------------------------------
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
is a gathering of tech-side developers & brand creativity professionals. Meet
the minds behind Google Creative Lab, Visual Complexity, Processing, & 
iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian
Group, R/GA, & Big Spaceship. http://www.creativitycat.com 
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null