Using both NTLM and htpasswd file authentication for NAGIOS web interface

Alex Dehaini alexdehaini at gmail.com
Sat May 23 14:59:37 CEST 2009

Previous message: Using both NTLM and htpasswd file authentication for NAGIOS web interface
Next message: Using both NTLM and htpasswd file authentication for NAGIOS web interface
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Tunde,

I have never tried this before but I will suggest you try your auth systems
one at a time to know they are working before implementing them.

Nagios uses apache http authentication by default so you should not have any
issues with this. Or maybe I am missing something, please correct if I am.

Never tried NTLM authentication with nagios so I can't help in that area but
you can look at this link

http://www.itefix.no/i2/node/11683

I am sure there are pam or kerberos modules that can talk to a dbase like
ldap or AD.

Regards,
Alex




On Sat, May 23, 2009 at 12:34 PM, Ayotunde Itayemi <
Ayotunde.Itayemi at zain.com> wrote:

>  Hi All,
>
> I would like to use both NTLM authentication and htpasswd authentication to
> grant access to the NAGIOS web interface. If possible, authenticate against
> Windows AD first, and if not successful, authenticate against the apache
> htpasswd file (possibly use the htpasswd file like a fall-back/default
> authentication mechanism).
>
>
>
> My /etc/httpd/conf.d/nagios.conf file’s content is listed below.  I suspect
> I need to incorporate “AuthType Basic” in there somehow, but I have tried
> various option (specifying the htppasswd file too, but I usually end up with
> the authentication not functioning at all)
>
>
>
> The first access dialog box has the text “Enter username and password for
> http://mynagios” and if I enter a valid Windows AD credential, I get
> logged in. If instead, I select cancel on this dialog box, I get a second
> access dialog box with the text “A username and password are being requested
> by http://znlnagios. The site says: "NAGIOS". If I supply a valid Windows
> AD credential, I get logged in also.
>
>
>
> This also brings me to a related issue, I cannot use the “Downtime” module
> – and any other module by which I can submit a command. I get the message
> that I am not authorized to submit the command to Nagios. Yet, I have added
> the user (MYDOMAIN\username and also username) to the relevant sections of
> the cgi.cgi file.
>
> Thanks.
>
>
>
> The content of /etc/httpd/conf.d/nagios.conf
>
> # cat /etc/httpd/conf.d/nagios.conf
>
>   NTLMAuth on
>
>   NTLMAuthoritative on
>
>   NTLMBasicAuth on
>
>   NTLMBasicRealm NAGIOS
>
>   AuthUserFile /usr/local/nagios/etc/htpasswd.users
>
>   NTLMDomain MY-WINDOWS-DOMAIN
>
>   NTLMLockfile /tmp/_my.lck
>
>   NTLMServer my-winaddc1
>
>   NTLMBackup my-winaddc2
>
>   Require valid-user
>
> #  Satisfy all
>
> </Directory>
>
>
>
> Alias /nagios "/usr/local/nagios/share"
>
>
>
> <Directory "/usr/local/nagios/share">
>
>   AuthName NTAuth
>
>   AuthType NTLM
>
>   NTLMAuth on
>
>   NTLMAuthoritative on
>
>   NTLMBasicAuth on
>
>   NTLMBasicRealm NAGIOS
>
>   AuthUserFile /usr/local/nagios/etc/htpasswd.users
>
>   NTLMDomain MY-WINDOWS-DOMAIN
>
>   NTLMLockfile /tmp/_my.lck
>
>   NTLMServer my-winaddc1
>
>   NTLMBackup my-winaddc2
>
>   Require valid-user
>
>   Satisfy all
>
> </Directory>
>
>
>
>
> ------------------------------------------------------------------------------
> Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
> is a gathering of tech-side developers & brand creativity professionals.
> Meet
> the minds behind Google Creative Lab, Visual Complexity, Processing, &
> iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian
> Group, R/GA, & Big Spaceship. http://www.creativitycat.com
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>



-- 
Alex Dehaini
Developer
Site - www.alexdehaini.com
Email - alexdehaini at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20090523/3eae1340/attachment.html>
-------------- next part --------------
------------------------------------------------------------------------------
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
is a gathering of tech-side developers & brand creativity professionals. Meet
the minds behind Google Creative Lab, Visual Complexity, Processing, & 
iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian
Group, R/GA, & Big Spaceship. http://www.creativitycat.com 
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: Using both NTLM and htpasswd file authentication for NAGIOS web interface
Next message: Using both NTLM and htpasswd file authentication for NAGIOS web interface
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list