[icinga-users] Windows Active Directory for Icinga-web user management

Assaf Flatto icinga at flatto.net
Thu Mar 8 12:32:57 CET 2012


On 08/03/12 11:09, Maarten Minnebo wrote:
> Thanks for replying Assaf.
>
> I've installed Icinga with yum so I suppose I got the latest versions. 
> I'm using the web 2.0 version of Icinga.
>
> Commands used to install Icinga are:
>
>     * /yum -y install icinga/
>     * /yum -y install icinga-idoutils icinga-gui icinga-api icinga-doc
>       nagios-plugins/
>     * /yum -y install php php-cli php-pear php-xmlrpc php-xsl php-pdo
>       php-gd php-ldap php-mysql perl-Locale-PO
>       http://wiki.nikoforge.org/download/icinga/icinga-rpm.oetken.cc/icinga-web-1.6.1-1.el6.noarch.rpm/
>
> FTR, I did the installation yesterday.
>
>
> KR
>
>
> 2012/3/8 Assaf Flatto <icinga at flatto.net <mailto:icinga at flatto.net>>
>
>     Two questions that will help us help you :
>
>     Which version of icinga are you using ?
>     which version of icinga-web have you implemented ?
>
>
>
>
>     On 08/03/12 08:26, Maarten Minnebo wrote:
>>
>>     Hello
>>
>>     I'm doing my internship and I'm trying to set up an Icinga
>>     monitoring server. We're doing this at an IT company who wants to
>>     monitor all of its clients.
>>
>>     Theywant to be able to logon to the icinga-web with their own
>>     Windows AD user accounts. At the moment I've set up a virtual
>>     network with two Windows Server 2008 R2 machines in it, spread
>>     over two laptops. One (in VirtualBox) is the DC with AD, DNS and
>>     File Server on it. The other one is installed on a laptop and has
>>     Hyper-V on it. In Hyper-V, I installed CentOS 6.2 with Icinga.
>>
>>     I found out that I had to edit the auth.xml file but it seems
>>     that for now only the administrator account can logon to the
>>     icinga-web. Other users (with our without administrator rights)
>>     cannot login.
>>     I've based the auth.xml file on this
>>     tutorial:https://wiki.icinga.org/display/howtos/Beginner+-+Setting+up+active+directory+authenticationfor+icinga-web
>>
>>     But as there's little explanation regarding to the values I
>>     should replace, I'm a little confused here.
>>
>>     *Files:
>>     *
>>
>>         * auth.conf file: http://pastebin.com/RZFKWcwG
>>         * debug log: http://pastebin.com/yWLYeNcz (rather extensive
>>           since I did a lot of testing)
>>
>>
>>     Thanks in advance for your help.
>>
>>     Kind regards
>>
>>
>>     Leegaert
>>
>>
>>     ------------------------------------------------------------------------------
>>     Virtualization&  Cloud Management Using Capacity Planning
>>     Cloud computing makes use of virtualization - but cloud computing
>>     also focuses on allowing computing to be delivered as a service.
>>     http://www.accelacomm.com/jaw/sfnl/114/51521223/
>>
>>
>>     _______________________________________________
>>     icinga-users mailing list
>>     icinga-users at lists.sourceforge.net  <mailto:icinga-users at lists.sourceforge.net>
>>     https://lists.sourceforge.net/lists/listinfo/icinga-users
>
>
>     ------------------------------------------------------------------------------
>     Virtualization & Cloud Management Using Capacity Planning
>     Cloud computing makes use of virtualization - but cloud computing
>     also focuses on allowing computing to be delivered as a service.
>     http://www.accelacomm.com/jaw/sfnl/114/51521223/
>     _______________________________________________
>     icinga-users mailing list
>     icinga-users at lists.sourceforge.net
>     <mailto:icinga-users at lists.sourceforge.net>
>     https://lists.sourceforge.net/lists/listinfo/icinga-users
>
>
>
> ------------------------------------------------------------------------------
> Virtualization&  Cloud Management Using Capacity Planning
> Cloud computing makes use of virtualization - but cloud computing
> also focuses on allowing computing to be delivered as a service.
> http://www.accelacomm.com/jaw/sfnl/114/51521223/
>
>
> _______________________________________________
> icinga-users mailing list
> icinga-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/icinga-users

Comparing your auth.xml to the sample in the wiki shows that you are 
using openldap-ldap1 instead of

msad-ldap1 as specified in the wiki , now I maybe off the mark , but if this is interpreted as the type it could cause issues in the connection.

Also i was unable to see the log as it is a "private" pastebin and require a login .


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.icinga.org/pipermail/icinga-users/attachments/20120308/d006aa13/attachment-0001.html>


More information about the icinga-users mailing list