[Check_mk (english)] Checmk 1.5.0p5 Raw edition Connect Users to LDAP (Not working) - LDAP connector

Kris krishpatrick at gmail.com
Thu Feb 14 13:38:38 CET 2019


Hi Stefan,

Thanks very much for your response.
I am using the softerra tool already (LDAP administrator) and I can search
the user and group base DN , because the setup is different so ou and o
looks good to me.
cn=Admin,ou=CheckMk,ou=apps,ou=groups,o=org
Under Admin I have the attributes UniqueMember like below
 uniqueMember: uid=Kris,ou=people,o=org
 description: CheckMk_WatoAdmins
 cn: Admin
 objectClass: groupOfUniqueNames
 objectClass: top
The same search is not working on WATO -
Either i get filter errors, now I do only objectclass=* in the filter and I
get this error

Connection Connection established. The connection settings seem to be ok.
User Base-DN The User Base DN could be found.
Count Users list index out of range
Group Base-DN The Group Base DN could be found.
Count Groups Found no group object for synchronization. Please check your
filter settings.
Sync-Plugin: Roles Skipping this test (Plugin is not enabled)

Kris

On Thu, Feb 14, 2019 at 7:18 AM Schmidt, Stefan <Stefan.Schmidt at bdt.de>
wrote:

> Hi Kris,
>
>
>
> I think your path things are not correct.
>
> see mine
>
>                 Login for the ldap client to connect to the server is
> this
>
>                                 Base DN
> "cn=admintest,ou=test,dc=mydom,dc=local"
>
> *                                cn= admintest* is the user to log in,
> *ou=test* is the folder thing in the ad *dc=mydom dc=local* see image
>
>                 These are for finding the users u want to be able to login
>
>                                 User/Group Base DN:
> "ou=test1,ou=test,dc=mydom,dc=local"
>
>                                 This will list all the users in the test1
> OU in AD see image
>
>                                 I used the same for user and group but
> guess I could/should use the *buildin* object
>
> yours looks wrong to me , e.g.  u r missing the AD part, and the o= is a
> typo  and was suposed to be ou= i guess
>
>                 cn=Admin,ou=CheckMk,ou=apps,ou=groups,o=org
>
>
>
>
>
>
>
> I found this tool kind of help full
>
> https://www.ldapadministrator.com/info_softerra-ldap-browser.htm
>
>
>
> bye Stefan
>
>
>
> *From:* Kris [mailto:krishpatrick at gmail.com]
> *Sent:* Mittwoch, 13. Februar 2019 20:23
> *To:* Schmidt, Stefan
> *Cc:* checkmk-en at lists.mathias-kettner.de
> *Subject:* Re: [Check_mk (english)] Checmk 1.5.0p5 Raw edition Connect
> Users to LDAP (Not working) - LDAP connector
>
>
>
> Hi Stefan and Andreas,
>
>
>
> Thanks for the quick reply.
>
> 1)  I think I configured the LDAP connection correctly
>
> Found no user object for synchronization. Please check your filter settings
>
>
>
>
> I created cn=Admin,ou=CheckMk,ou=apps,ou=groups,o=org
>
> Under admin I created the users example user=kris which are on top
> organizational level called user=kris,ou=people,o=org (This is also in bind
> used as SSO)
>
>
>
> In User and Group I have
>
> cn=Admin,ou=CheckMk,ou=apps,ou=groups,o=org
>
>
>
> I tried (objectclass=*) as a filter and different combinations, in most
> cases it asks me to check filter settings . Similar search works on LDAP
> browser.
>
> Am I making some mistakes may be. I ll play around few more times
>
>
>
> 2) This is version 1.5.0p5 Raw version . Is it normal the connector is not
> visible from WATO User management?
>
> The official Docs does not help much. Are there documentations available?
>
>
>
> Kind Regards,
>
> Kris
>
>
>
>
>
>
>
>
>
>
>
> On Wed, Feb 13, 2019 at 8:57 AM Schmidt, Stefan <Stefan.Schmidt at bdt.de>
> wrote:
>
> Hi,
>
>
>
> Not sure if I understand your problem, are trying to use the users of the
> Check_MK install against a LADP (AD)?
>
>
>
> Anyway this is how it works for me...
>
> In WATO> Config> ?user> LADP Connection
>
> - add a new connection
>
> - Gerneral Properties> give is a ID ( I used a random string like "test1")
>
> - LDAP Connection> Dir Type = AD
>
> Connect to: Manual..., >AD DC Server IP
>
> Enable "Bind Credentials" > Base DN
> "cn=tester,ou=testcenter,dc=mydom,dc=local"
>
> This is the base connection login user, and it depends on your AD
> structure, I have a user "tester" in Organizational Unit testcenter in the
> domain mydom.local
>
> - Password...
>
> - Users > User Base DN: "ou=monitoring,ou=testcenter,dc=mydom,dc=local"
>
> - Groups > Group Base DN: "ou=monitoring,ou=testcenter,dc=mydom,dc=local"
>
> This depend on your AD
>
> > Save and Test
>
>
>
> You should ge a lot of green check marks on the top right in the
> Diagnostics thingy.
>
>
>
> - Apply the changes
>
> - go back to Users and you should see all users and groups from your AD.
>
> - edit the users to change roles.
>
>
>
> If not, there where errors in the Connection Diagnostics thing or your
> user/ group Base DN stuff leads to empty  stuff in your AD.
>
>
>
> btw I did not have change anything in the AD for this.
>
>
>
> bye Stefan
>
>
>
>
>
> *From:* checkmk-en [mailto:checkmk-en-bounces at lists.mathias-kettner.de] *On
> Behalf Of *Kris
> *Sent:* Dienstag, 12. Februar 2019 17:27
> *To:* checkmk-en at lists.mathias-kettner.de
> *Subject:* [Check_mk (english)] Checmk 1.5.0p5 Raw edition Connect Users
> to LDAP (Not working) - LDAP connector
>
>
>
> Hi Team ,
>
>
>
> CheckMk is a great monitoring tool and I am sure there is LDAP connector
> features already available.
>
>
>
> I was wondering how to connect my users to LDAP (AD)
>
> I have the ldap connection setting , but it is not connecting an user to
> that connection.
>
> As per document I do not see
>
> Global settings --User management
>
>
>
> 2. Enabling LDAP Connector (only needed before 1.2.7i3)
>
> I do not see the user connectors elsewhere in the settings. I am using
> 1.5.0p5
>
>
>
> Kindly assist,
>
>
>
> Thanks and Regards
>
> Kris
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.mathias-kettner.de/pipermail/checkmk-en/attachments/20190214/22e18f48/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 22792 bytes
Desc: not available
URL: <https://lists.mathias-kettner.de/pipermail/checkmk-en/attachments/20190214/22e18f48/attachment-0001.png>


More information about the checkmk-en mailing list