[omd-users] pnp auth?

JB Segal jailbait at gmail.com
Fri Mar 30 21:36:36 CEST 2012


The next step in my omd/check_mk conversion is ldap auth for my users.

Once I realized that 'AuthzLDAP' is NOT the same thing as
'AuthnzLDAP', the basic setup for omd/multisite went fine, but now I'm
getting Forbidden on the pnp popups and pages.

I've found ~/etc/pnp4nagios/config.php, copied it over to
config_local.php and tweaked this:

# # check authorization against mk_livestatus API
# # Available since 0.6.10
# #
$conf['auth_enabled'] = TRUE;
# #
# # Which user is allowed to see all services or all hosts?
# # Keywords: <USERNAME>
# # Example: conf['allowed_for_all_services'] = "nagiosadmin,operator";
# # This option is used while $conf['auth_enabled'] = TRUE
$conf['allowed_for_all_services'] = "omdadmin,jbsegal";
$conf['allowed_for_all_hosts'] = "omdadmin,jbsegal";

and yet, after an omd restart apache, I'm still getting

| Forbidden
|
| You don't have permission to access
/prod_dc/pnp4nagios/index.php/graph on this server.

Even setting it to "EVERYONE" doesn't work, nor does setting
auth_enabled back to FALSE while 'allowed_for_all_*' is set to either
names or EVERYONE.

I haven't found any good docs on this as yet, just
http://omdistro.org/wiki/omd/Pnp4nagios and then to
http://docs.pnp4nagios.org/

where ?do=search&id=%22allowed_for_all%22
turns up 0 hits.

Help?

(I'll write up the pending answer report after I give my boss his
weekly status...)

Thanks in advance,
JB


More information about the omd-users mailing list