[Check_mk (english)] authenticate web user access through ldap/active directory

Lander, Scott slander at hearstsc.com
Mon Aug 15 14:40:32 CEST 2011


If you are using apache, the easiest thing is to put in you apache.conf something like:   (The AuthType Basic is probably already there if you are using htpasswd)

# Ldap
   AuthBasicProvider ldap file
   AuthLDAPURL ldap://myldapserver.mydomain.com:389/ou=something,ou=users,o=hearst?cn
   AuthLDAPBindDN cn=yourldapuser,ou=services,o=myldapdomain
   AuthLDAPBindPassword  ldappasswd
   AuthzLDAPAuthoritative off

#  HTpasswd backup
  AuthType Basic
  AuthUserFile /omd/sites/windows/etc/htpasswd
  require valid-user
</Location>


You might also have to add a few lines to add the appropriate modules

LoadModule authnz_ldap_module /usr/lib/apache2/modules/mod_authnz_ldap.so
LoadModule ldap_module /usr/lib/apache2/modules/mod_ldap.so

That’s all you need to do, although the syntax for the ldap section can be a bit tricky.

Scott


From: Victor Carpetto [mailto:victor at owlbydesign.com]
Sent: Saturday, August 13, 2011 12:45 PM
To: Lander, Scott; Iceman; checkmk-en at lists.mathias-kettner.de
Subject: RE: [Check_mk (english)] authenticate web user access through ldap/active directory

Do you have suggestions how to integrate this with check_mk?  I’m looking for something similar as well.

Cheers

From: checkmk-en-bounces at lists.mathias-kettner.de [mailto:checkmk-en-bounces at lists.mathias-kettner.de] On Behalf Of Lander, Scott
Sent: Friday, August 12, 2011 4:07 PM
To: Iceman; checkmk-en at lists.mathias-kettner.de
Subject: [Check_mk (english)] authenticate web user access through ldap/active directory

You should change the subject line to match your query…..

Yes, it is possible;


From: checkmk-en-bounces at lists.mathias-kettner.de [mailto:checkmk-en-bounces at lists.mathias-kettner.de] On Behalf Of Iceman
Sent: Friday, August 12, 2011 3:45 PM
To: checkmk-en at lists.mathias-kettner.de
Subject: Re: [Check_mk (english)] host and service contactgroups [SOLVED]

Hi, i just want to know if it's possible to authenticate web user access through ldap/active directory.

Thank you!
------------------------------------------------------------------------------------
This e-mail message is intended only for the personal use of the recipient(s) named above. If you are not an intended recipient, you may not review, copy or distribute this message. If you have received this communication in error, please notify the Hearst Service Center (cadmin at hearstsc.com<mailto:cadmin at hearstsc.com>) immediately by email and delete the original message.
------------------------------------------------------------------------------------
------------------------------------------------------------------------------------
This e-mail message is intended only for the personal use of the recipient(s) named above. If you are not an intended recipient, you may not review, copy or distribute this message. If you have received this communication in error, please notify the Hearst Service Center (cadmin at hearstsc.com) immediately by email and delete the original message.
------------------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mathias-kettner.de/pipermail/checkmk-en/attachments/20110815/4cb4464e/attachment.htm>


More information about the checkmk-en mailing list