comment utiliser le " Groupe de sécurité " ldap pour l'authentification de Nagios wesite hébergée par httpd ?
Voici ce que nous essayons de réaliser:
Nous voulons authentifier les utilisateurs de Windows active directory qui font partie d'un "groupe de sécurité" spécifique, pour NagiOS.
J'ai créé ci-dessous un nouveau fichier de configuration, pour cette perpose, comme ci-dessous:
/ etc. /httpd/conf.d/ nagios.conf
ScriptAlias /nagios/cgi-bin/ "/usr/lib64/nagios/cgi-bin/" <Directory "/usr/lib64/nagios/cgi-bin/"> Options ExecCGI AllowOverride None Order allow,deny Allow from all DirectoryIndex index.php index.html AuthType Basic AuthBasicProvider ldap file AuthName "LDAP Authentication" AuthLDAPURL "ldap://server01.mytestdomain.com:389/CN=Nagios_Auth_Group,OU=Test,OU=IT,OU=authorization,DC=mytestdomain,DC=local?sAMAccountName?sub?" AuthLDAPBindDN "CN=Nagios_User,OU=Users,DC=mytestdomain,DC=local" AuthLDAPBindPassword "mypass#01" AuthLDAPGroupAttribute memberUid AuthLDAPGroupAttributeIsDN on Require ldap-group "CN=Nagios_Auth_Group,OU=Test,OU=IT,OU=authorization,DC=mytestdomain,DC=local" AuthUserFile /etc/nagios/htpasswd.users Require valid-user </Directory> Alias /nagios "/usr/share/nagios/html" <Directory "/usr/share/nagios/html"> Options None AllowOverride None Order allow,deny Allow from all DirectoryIndex index.php index.html AuthType Basic AuthBasicProvider ldap file AuthName "LDAP Authentication" AuthLDAPURL "ldap://server01.mytestdomain.com:389/CN=Nagios_Auth_Group,OU=Test,OU=IT,OU=authorization,DC=mytestdomain,DC=local?sAMAccountName?sub?" AuthLDAPBindDN "CN=Nagios_User,OU=Users,DC=mytestdomain,DC=local" AuthLDAPBindPassword "mypass#01" AuthLDAPGroupAttribute memberUid AuthLDAPGroupAttributeIsDN on Require ldap-group "CN=Nagios_Auth_Group,OU=Test,OU=IT,OU=authorization,DC=mytestdomain,DC=local" AuthUserFile /etc/nagios/htpasswd.users Require valid-user </Directory>
Erreur reçue:
/ var/log/httpd/error_log
[Date and Time removed] [auth_basic:error] [pid XXXXXX] [client 127.0.0.1:44068] AH01617: user nagios_test_user01: authentication failure for "/nagios/": Password Mismatch
Supplémentaires Informations qui pourraient être utiles pour aider à résoudre l'erreur ou le problème de configuration:
Détails du Système d'exploitation:
NAME="Red Hat Enterprise Linux Server" VERSION="7.3 (Maipo)" ID="rhel" ID_LIKE="fedora" VERSION_ID="7.3" PRETTY_NAME="Red Hat Enterprise Linux" ANSI_COLOR="0;31" CPE_NAME="cpe:/o:redhat:enterprise_linux:7.3:GA:server" HOME_URL="https://www.redhat.com/" BUG_REPORT_URL="https://bugzilla.redhat.com/" REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 7" REDHAT_BUGZILLA_PRODUCT_VERSION=7.3 REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux" REDHAT_SUPPORT_PRODUCT_VERSION="7.3" Red Hat Enterprise Linux Server release 7.3 (Maipo) Red Hat Enterprise Linux Server release 7.3 (Maipo)
Uname-a
Linux server07 3.10.0-514.6.1.el7.x86_64 #1 SMP [Date & Time details removed] x86_64 x86_64 x86_64 GNU/Linux
Httpd-v
Server version: Apache/2.4.6 (Red Hat Enterprise Linux) Server built: [Date & Time details removed]
Version de Nagios
Nagios® Core™ Version 4.2.4
Erreur
[Mon Mar 02 09:33:12.273726 2020] [auth_basic:error] [pid 38654] [client 127.0.0.1:57388] AH08217: user test_user: authentication failure for "/nagios/": Password Mismatch