Nagios authentication with Active directoy

Paul Weaver paul.weaver at bbc.co.uk
Thu Mar 5 17:13:14 CET 2009

Previous message: Nagios authentication with Active directoy
Next message: ESX server monitroing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> >I want to authenticate my nagios with AD. i read couple of  
> document on net but no luck..any one using this method of 
> authentication please let me know i will appricate your help.
> 
> I'm assuming you mean the Nagios UI, in which case you'll 
> want to look for mod_auth_ldap and active directory.  The 
> Nagios UI is just a web page, authentication is done via your 
> web server.  Assuming Apache, then mod_auth_ldap, or 
> mod_auth_kerberos should be where you are looking.

The way we do it is thus (specifically for ubuntu, YMMV)

Install libapache2-authenntlm-perm 
# apt-get install libapache2-authenntlm-perm 

Edit your apache config thus:

% <Directory "/usr/local/nagios/sbin">
%         Include /etc/ntlm/htaccess
%         Options +ExecCGI
%         AllowOverride None
% </Directory>
% 
% Alias /nagios /usr/local/nagios/share
% <Directory "/usr/local/nagios/share">
%         Include /etc/ntlm/htaccess
% 
%         Options +ExecCGI
%         AddHandler cgi-script .cgi
% </Directory>

And finally create
/etc/ntlm/htaccess
Thus:
% PerlAuthenHandler Apache2::AuthenNTLM
% AuthType ntlm,basic
% AuthName Nagios
% require valid-user
% 
% PerlAddVar ntdomain "MYDOMAIN   dc25  dc26"
% PerlAddVar ntdomain "OTHERDOMAIN   dc25  dc26"
% PerlAddVar ntdomain "THIRDDOMAIN   dc25  dc26"
% 
% PerlSetVar defaultdomain MYDOMAIN
% PerlSetVar fallbackdomain OTHERDOMAIN
% PerlSetVar splitdomainprefix 1
% PerlSetVar ntlmdebug 0

Replance "dc25" with your local domain controller, "dc26" with a backup
one, MYDOMAIN with your main domain, OTHERDOMAIN, THIRDDOMAIN, etc with
any other domains 


This does the AD authentication, and also allows machines to use
transparent passthrough authentication.

Each user will need a nagios account, unless you have a
default_user_name in your cgi.cfg (We do this)

------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: Nagios authentication with Active directoy
Next message: ESX server monitroing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list