[BULK SPAM] using LDAP-based user authenticat ion

[CWaters at jeld-wen.com]

Yes, mine are populating correctly with the short username.  

>From the info at the top of a page:

Last Updated: Thu Dec 8 14:02:46 PST 2005
Updated every 60 seconds
Nagios(r) - www.nagios.org
Logged in as cwaters

And when an authenticated user acks an alert, it records the same data.

What was your orignal issue?  Does it allow you to authenticate but not
retain the value for the user?


Chris Waters 
WAN/LAN Technician
JELD-WEN, Inc. 
Network Services Group 
===================


-----Original Message-----
From: Eli Stair [mailto:estair at ilm.com] 
Sent: Thursday, December 08, 2005 1:02 PM
To: Chris Waters
Cc: nagios-users at lists.sourceforge.net
Subject: Re: [BULK SPAM] [Nagios-users] using LDAP-based user authenticat
ion
Importance: Low


I'm switching over to using auth_kerb from AD (just because I've done that,
not the authz_ldap).

I'm curious if you both have the username being populated properly in the
"Author" portion of the CGI's when you're adding comments/ ack'ing events.

I still haven't gotten any suggestions from the list on where the problem
lies.

Cheers,

/eli

CWaters at jeld-wen.com wrote:
> I am using authz_ldap and don't seem to have that problem.  Can you 
> show the config for your module?  What is your LDAP store???  
> AD,OpenLDAP...I am authenticating my users against an M$ Active Directory.
Works pretty well.
> I would include your .htaccess code as well.  That way we can compare 
> them to known working configs.
> 
> 
> Chris Waters
> WAN/LAN Technician
> JELD-WEN, Inc. 
> Network Services Group
> ===================
> 
> 
> -----Original Message-----
> From: nagios-users-admin at lists.sourceforge.net
> [mailto:nagios-users-admin at lists.sourceforge.net] On Behalf Of Jeff 
> Rattray
> Sent: Thursday, December 08, 2005 12:26 PM
> To: nagios-users at lists.sourceforge.net
> Subject: [BULK SPAM] [Nagios-users] using LDAP-based user 
> authentication
> Importance: Low
> 
> Greetings, everyone.  We (Purdue College of Pharmacy, Nursing and 
> Health
> Sciences) have been using nagios for half of a year now, and it has 
> been really handy.  Currently, we are trying to change the way nagios 
> authenticates users.
> Purdue has implemented a new security policy that says that all 
> passwords, whatever they are for, must be changed every 30 days.  
> Leaving aside the difficulties about changing, say, BIOS passwords in 
> the student labs, we are trying to reduce the number of usernames and 
> passwords that we have to make it easier to keep up with the
password-changing requirement.
> 
> I have successfully configured mod_authz_ldap to handle authentication 
> on our nagios server, and I can log into the nagios pages.  
> Unfortunately, instead of returning a simple username like 'jrattray', 
> the CGIs see my username as 'uid=jrattray,ou=people,o=pnhs.purdue.edu' 
> .  I cannot authorize myself to see any information, because when I 
> put that string into cgi.cfg, nagios breaks it up at the commas into 3 
> different users.  (The equals signs may be confusing it
> also.)
> 
> Here are my questions:
> 
> (1) Does anyone know how to escape this username so that it works in 
> cgi.cfg?
> I have tried entering it as a quoted string, putting slashes in front 
> of the commas, etc.
> 
> (2) Failing that, has anyone had any experience using nagios with 
> mod_auth_ldap?  I used mod_authz_ldap (a third-party product) only 
> because it came with Red Hat EL, but I don't want to bother compiling 
> the official apache module if it does exactly the same thing.
> 
> (3) Failing THAT, how does one submit this to the wish list for nagios?
> 
> Thanks,
> Jeff Rattray
> --
> Jeff Rattray, Ph.D.
> Manager, Web-based Instructional Technology Purdue University College 
> of Pharmacy, Nursing and Health Sciences
> 
> 
> 
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through log 
> files for problems?  Stop!  Download the new AJAX search engine that 
> makes searching your log files as easy as surfing the  web.  DOWNLOAD
SPLUNK!
> http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when 
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
> 
> 
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through log 
> files for problems?  Stop!  Download the new AJAX search engine that 
> makes searching your log files as easy as surfing the  web.  DOWNLOAD
SPLUNK!
> http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
reporting any issue. 
> ::: Messages without supporting info will risk being sent to /dev/null
> 


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null