[Check_mk (english)] Checmk 1.5.0p5 Raw edition Connect Users to LDAP (Not working) - LDAP connector

Schmidt, Stefan Stefan.Schmidt at bdt.de
Thu Feb 14 07:17:58 CET 2019 

Hi Kris,

I think your path things are not correct.
see mine
                Login for the ldap client to connect to the server is this
                                Base DN "cn=admintest,ou=test,dc=mydom,dc=local"
                                cn= admintest is the user to log in, ou=test is the folder thing in the ad dc=mydom dc=local see image
                These are for finding the users u want to be able to login
                                User/Group Base DN: "ou=test1,ou=test,dc=mydom,dc=local"
                                This will list all the users in the test1 OU in AD see image
                                I used the same for user and group but guess I could/should use the buildin object
[cid:image001.png at 01D4C433.62B285B0]
yours looks wrong to me , e.g.  u r missing the AD part, and the o= is a typo  and was suposed to be ou= i guess
                cn=Admin,ou=CheckMk,ou=apps,ou=groups,o=org



I found this tool kind of help full
https://www.ldapadministrator.com/info_softerra-ldap-browser.htm

bye Stefan

From: Kris [mailto:krishpatrick at gmail.com]
Sent: Mittwoch, 13. Februar 2019 20:23
To: Schmidt, Stefan
Cc: checkmk-en at lists.mathias-kettner.de
Subject: Re: [Check_mk (english)] Checmk 1.5.0p5 Raw edition Connect Users to LDAP (Not working) - LDAP connector

Hi Stefan and Andreas,

Thanks for the quick reply.
1)  I think I configured the LDAP connection correctly
Found no user object for synchronization. Please check your filter settings

I created cn=Admin,ou=CheckMk,ou=apps,ou=groups,o=org
Under admin I created the users example user=kris which are on top organizational level called user=kris,ou=people,o=org (This is also in bind used as SSO)

In User and Group I have
cn=Admin,ou=CheckMk,ou=apps,ou=groups,o=org

I tried (objectclass=*) as a filter and different combinations, in most cases it asks me to check filter settings . Similar search works on LDAP browser.
Am I making some mistakes may be. I ll play around few more times

2) This is version 1.5.0p5 Raw version . Is it normal the connector is not visible from WATO User management?
The official Docs does not help much. Are there documentations available?

Kind Regards,
Kris





On Wed, Feb 13, 2019 at 8:57 AM Schmidt, Stefan <Stefan.Schmidt at bdt.de<mailto:Stefan.Schmidt at bdt.de>> wrote:
Hi,

Not sure if I understand your problem, are trying to use the users of the Check_MK install against a LADP (AD)?

Anyway this is how it works for me...
In WATO> Config> ?user> LADP Connection
- add a new connection
- Gerneral Properties> give is a ID ( I used a random string like "test1")
- LDAP Connection> Dir Type = AD
Connect to: Manual..., >AD DC Server IP
Enable "Bind Credentials" > Base DN "cn=tester,ou=testcenter,dc=mydom,dc=local"
This is the base connection login user, and it depends on your AD structure, I have a user "tester" in Organizational Unit testcenter in the domain mydom.local
- Password...
- Users > User Base DN: "ou=monitoring,ou=testcenter,dc=mydom,dc=local"
- Groups > Group Base DN: "ou=monitoring,ou=testcenter,dc=mydom,dc=local"
This depend on your AD
> Save and Test

You should ge a lot of green check marks on the top right in the Diagnostics thingy.

- Apply the changes
- go back to Users and you should see all users and groups from your AD.
- edit the users to change roles.

If not, there where errors in the Connection Diagnostics thing or your user/ group Base DN stuff leads to empty  stuff in your AD.

btw I did not have change anything in the AD for this.

bye Stefan


From: checkmk-en [mailto:checkmk-en-bounces at lists.mathias-kettner.de<mailto:checkmk-en-bounces at lists.mathias-kettner.de>] On Behalf Of Kris
Sent: Dienstag, 12. Februar 2019 17:27
To: checkmk-en at lists.mathias-kettner.de<mailto:checkmk-en at lists.mathias-kettner.de>
Subject: [Check_mk (english)] Checmk 1.5.0p5 Raw edition Connect Users to LDAP (Not working) - LDAP connector

Hi Team ,

CheckMk is a great monitoring tool and I am sure there is LDAP connector features already available.

I was wondering how to connect my users to LDAP (AD)
I have the ldap connection setting , but it is not connecting an user to that connection.
As per document I do not see
Global settings --User management

2. Enabling LDAP Connector (only needed before 1.2.7i3)
I do not see the user connectors elsewhere in the settings. I am using 1.5.0p5

Kindly assist,

Thanks and Regards
Kris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.mathias-kettner.de/pipermail/checkmk-en/attachments/20190214/02c240cc/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 22792 bytes
Desc: image001.png
URL: <https://lists.mathias-kettner.de/pipermail/checkmk-en/attachments/20190214/02c240cc/attachment-0001.png>

More information about the checkmk-en mailing list