R: R: ldap authentication
guillaume LOHEZ
guillaume.lohez at linagora.com
Wed Apr 27 10:56:02 CEST 2005
Yes, they are needed...
Maybe, you can remove lines: AuthLDAPBindDn and AuthLDAPBindPassword if
your ldap server doesn't need to be authentified to browse it.
You should replace the "requiere group" by a "require valid-user" so
apache has just to match login/passwd the grant access !!
As it is done in the standard .htaccess of Nagios with the file
htpasswd.users
All chars are OK
"," are to specify the dn
"?" are to separate fields for search
"*" is to tell apache to look for any objectclass
Regards
Guillaume
Marco Borsani a écrit :
>Are all fields necessary ?
>For example: if I don't use TFTP I won't write last raw "require group...."?
>I know only first two (AuthName and AuthType).
>
>The char "?", "(", "*" and ")" are real or depend on the "cut and paste"?
>
>sorry about this questions but I am newbie on apache and ldap!
>
>
>Marco
>
>-}-----Messaggio originale-----
>-}Da: nagios-users-admin at lists.sourceforge.net
>-}[mailto:nagios-users-admin at lists.sourceforge.net]Per conto di guillaume
>-}LOHEZ
>-}Inviato: mercoledì 27 aprile 2005 10.24
>-}A: nagios-users at lists.sourceforge.net
>-}Oggetto: Re: R: [Nagios-users] ldap authentication
>-}
>-}
>-}Here is a little example
>-}Not especially for Nagios but example for LDAPAuth with Apache 2 !!
>-}
>-} AuthName "Acces TFTPD"
>-} AuthType Basic
>-} AuthLDAPEnabled on
>-} AuthLDAPBindDN "cn=visu,o=europa,dc=net"
>-} AuthLDAPBindPassword "someverysecretpassword"
>-} AuthLDAPURL
>-}ldap://intranet.pointcom.fr:389/ou=utilisateurs,o=europa,dc=net?ui
>-}d?sub?(objectClass=*)
>-} require group cn=acces_tftpd,ou=apache,o=europa,dc=net
>-}
>-}Some comments:
>-} - Name of the auth
>-} - type of the auth
>-} - enable ldap
>-} - a dn which have read access to the LDAP base
>-} - the password of this dn
>-} - the url : the name of the server, the port, the dn where your
>-}users resides, what your are looking for (uid), if the query is
>-}recursive or not (sub) and any objectclass
>-} - what the auth require to grant acces (if the login and passwd
>-}match), here the user needs to be in the group acces_tftpd
>-}
>-}I hope, it will help you and some other guys here !! ;-)
>-}
>-}Regards
>-}Guillaume
>-}
>-}
>-}Marco Borsani a écrit :
>-}
>-}>Yes, If you colud send me some examples should be great!
>-}>
>-}>My apache server support ldap so, probably, I don't need to install
>-}>"libapache-ldapauth or something like that", but I have not idea :
>-}>- how to change .htaccess
>-}>- ..others changes to perform on Nagios
>-}>- setting ldap.conf in Apache (probably just a line like this
>-}"AuthLDAPURL
>-}>ldap://hostname:389/ou=group,o=org.net")
>-}>
>-}>Thank you
>-}>Marco
>-}>
>-}>-}-----Messaggio originale-----
>-}>-}Da: nagios-users-admin at lists.sourceforge.net
>-}>-}[mailto:nagios-users-admin at lists.sourceforge.net]Per conto di guillaume
>-}>-}LOHEZ
>-}>-}Inviato: mercoledì 27 aprile 2005 9.59
>-}>-}A: nagios-users at lists.sourceforge.net
>-}>-}Oggetto: Re: [Nagios-users] ldap authentication
>-}>-}
>-}>-}
>-}>-}Hi,
>-}>-}
>-}>-}To use LDAP auth with Nagios:
>-}>-} - you have to install libapache-ldapauth or something like that
>-}>-} - change the .htaccess to point to your ldap server
>-}>-}Some configuration examples may be found on httpd.apache.org
>-}>-}You have to point to the ldap server, give a login/passwd if need to
>-}>-}bind to your ldap and specify the criteria to allow access
>-}>-}For example, if a user give the good login/passwd, he must be
>-}in a group
>-}>-}"nagios" for example to have access...
>-}>-}
>-}>-}If i remember, ldapauth for apache doesn't support ldaps !!
>-}>-}
>-}>-}I can send you config example if you want...
>-}>-}
>-}>-}Regards
>-}>-}Guillaume
>-}>-}
>-}>-}
>-}>-}Marco Borsani a écrit :
>-}>-}
>-}>-}>Hi all
>-}>-}>
>-}>-}>I have installed an Apache that support the LDAP authentication.
>-}>-}>
>-}>-}>May I configure Nagios to use an LDAP server to view the
>-}WEB/CGI pages?
>-}>-}>
>-}>-}>I read the manual "NAGIOS Version 1.0 Documentaion" but it
>-}>-}explains only how
>-}>-}>to use the htpasswd.user file.
>-}>-}>
>-}>-}>regards
>-}>-}>
>-}>-}>Marco
>-}>-}>
>-}>-}>
>-}>-}>
>-}>-}>-------------------------------------------------------
>-}>-}>SF.Net email is sponsored by: Tell us your software development plans!
>-}>-}>Take this survey and enter to win a one-year sub to SourceForge.net
>-}>-}>Plus IDC's 2005 look-ahead and a copy of this survey
>-}>-}>Click here to start! http://www.idcswdc.com/cgi-bin/survey?id=105hix
>-}>-}>_______________________________________________
>-}>-}>Nagios-users mailing list
>-}>-}>Nagios-users at lists.sourceforge.net
>-}>-}>https://lists.sourceforge.net/lists/listinfo/nagios-users
>-}>-}>::: Please include Nagios version, plugin version (-v) and OS
>-}>-}when reporting any issue.
>-}>-}>::: Messages without supporting info will risk being sent to /dev/null
>-}>-}>
>-}>-}>
>-}>-}>
>-}>-}
>-}>-}
>-}>-}--
>-}>-}Guillaume LOHEZ
>-}>-}Administrateur Systemes & Reseaux
>-}>-}Portable: +33 (0)6 72 23 20 16
>-}>-}E-mail: guillaume.lohez at linagora.com
>-}>-}------------------------------------
>-}>-}LINAGORA
>-}>-}30 Rue Saint Augustin, PARIS 2eme
>-}>-}Telephone: +33 (0)1 58 18 68 28
>-}>-}
>-}>-}
>-}>-}
>-}>-}
>-}>-}-------------------------------------------------------
>-}>-}SF.Net email is sponsored by: Tell us your software development plans!
>-}>-}Take this survey and enter to win a one-year sub to SourceForge.net
>-}>-}Plus IDC's 2005 look-ahead and a copy of this survey
>-}>-}Click here to start! http://www.idcswdc.com/cgi-bin/survey?id�5hix
>-}>-}_______________________________________________
>-}>-}Nagios-users mailing list
>-}>-}Nagios-users at lists.sourceforge.net
>-}>-}https://lists.sourceforge.net/lists/listinfo/nagios-users
>-}>-}::: Please include Nagios version, plugin version (-v) and OS
>-}>-}when reporting any issue.
>-}>-}::: Messages without supporting info will risk being sent to /dev/null
>-}>
>-}>
>-}>
>-}>
>-}
>-}
>-}--
>-}Guillaume LOHEZ
>-}Administrateur Systemes & Reseaux
>-}Portable: +33 (0)6 72 23 20 16
>-}E-mail: guillaume.lohez at linagora.com
>-}------------------------------------
>-}LINAGORA
>-}30 Rue Saint Augustin, PARIS 2eme
>-}Telephone: +33 (0)1 58 18 68 28
>-}
>-}
>-}
>-}
>-}-------------------------------------------------------
>-}SF.Net email is sponsored by: Tell us your software development plans!
>-}Take this survey and enter to win a one-year sub to SourceForge.net
>-}Plus IDC's 2005 look-ahead and a copy of this survey
>-}Click here to start! http://www.idcswdc.com/cgi-bin/survey?id�5hix
>-}_______________________________________________
>-}Nagios-users mailing list
>-}Nagios-users at lists.sourceforge.net
>-}https://lists.sourceforge.net/lists/listinfo/nagios-users
>-}::: Please include Nagios version, plugin version (-v) and OS
>-}when reporting any issue.
>-}::: Messages without supporting info will risk being sent to /dev/null
>
>
>
>
--
Guillaume LOHEZ
Administrateur Systemes & Reseaux
Portable: +33 (0)6 72 23 20 16
E-mail: guillaume.lohez at linagora.com
------------------------------------
LINAGORA
30 Rue Saint Augustin, PARIS 2eme
Telephone: +33 (0)1 58 18 68 28
-------------------------------------------------------
SF.Net email is sponsored by: Tell us your software development plans!
Take this survey and enter to win a one-year sub to SourceForge.net
Plus IDC's 2005 look-ahead and a copy of this survey
Click here to start! http://www.idcswdc.com/cgi-bin/survey?id�5hix
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list