LDAP Auth problem for icinga-web

Andrey123q

Anfänger

Beiträge: 3

Anzahl Nagios-Server: 1

Nagios-Version(en): 3.0

Verteiltes Monitoring: Nein

Redundantes Monitoring: Nein

Anzahl-Hosts: 20

Anzahl Services: 20

Betriebssystem(e): Debian

Plugin-Version(en): 1.4

NDO-Version: 1

16.08.2011, 10:12

LDAP Auth problem for icinga-web

Hello,
I have icinga-web/v1.5.0-dev. I can't login via MS AD ldap.
OS Debian 6.0, Icinga 1.0.2-2

This is my auth.xml:

	Quellcode
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21	AppKit Auth.Provider.LDAP true true true true Name Lastname ldap://comp.city.my DC=comp,DC=city,DC=my sAMAccountName

Log's:

Quellcode

[Tue Aug 16 10:50:14 2011] [debug] Auth.Dispatch: Starting authenticate (username=Name.LastName)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Dispatch: Userdata found in db (uid=7)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider: Object (name=msad-ldap1) initialized
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.LDAP Try LDAP connect (dsn=ldap://comp.city.my,bind=true)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.LDAP got resource Resource id #918
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.LDAP Successfully bind (dn=)
[Tue Aug 16 10:50:14 2011] [info] Auth.Provider.LDAP connection successfully (ldap://comp.city.my)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.LDAP Prepare LDAPsearch (base=Name.LastName, filter=(objectClass=*))
[Tue Aug 16 10:50:14 2011] [fatal] Uncaught AppKitPHPError: PHP Error ldap_search(): Search: Invalid DN syntax (/usr/local/icinga-web/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php:102) (/usr/local/icinga-web/app/modules/AppKit/lib/logging/AppKitExceptionHandler.class.php:37)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.LDAP Error: Invalid DN syntax (errno=34,resource=918)
[Tue Aug 16 10:50:14 2011] [info] Auth.Dispatch: Delegate authentication (not_authoritative=msad-ldap1,user=Name.LastName)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider: Object (name=internal) initialized
[Tue Aug 16 10:50:14 2011] [debug] Auth.Dispatch: Delegate authentication, try internal (not_authoritative=msad-ldap1,user=Name.LastName)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.Database: HASH(a4d18531ff30f8a1d305c723a3f67f6ba595dc4d053bde70a077ca282d341a80)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider: Object (name=auth_key) initialized
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider: Object (name=http-basic-authentication) initialized
[Tue Aug 16 10:50:14 2011] [debug] Auth.Dispatch: Delegate authentication, try http-basic-authentication (not_authoritative=msad-ldap1,user=Name.LastName)
[Tue Aug 16 10:50:14 2011] [error] Auth.Dispatch: Delegate authentication, no providers found for Name.LastName (not_authoritative=msad-ldap1)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Dispatch: User cound not authorized (username=Name.LastName)
[Tue Aug 16 10:50:14 2011] [error] Userlogin by Name.LastName failed!

How to solve this problem?

Zum Seitenanfang

bernd_erk

Schüler

Beiträge: 145

Geschlecht: Männlich

Wohnort: Nürnberg

Anzahl Nagios-Server: -

Nagios-Version(en): -

Icinga-Version(en): 1.3

Verteiltes Monitoring: Ja

Redundantes Monitoring: Ja

Anzahl-Hosts: -

Anzahl Services: -

Betriebssystem(e): Debian

Plugin-Version(en): -

16.08.2011, 12:29

Hello Andrey,

have you tried to replace Name and Lastname. Please checkout the wiki https://wiki.icinga.org/display/howtos/B…nfor+icinga-web

Regards

Bernd

NETWAYS GmbH http://www.netways.de
NETWAYS Blog http://blog.netways.de

Zum Seitenanfang

Andrey123q

Anfänger

Beiträge: 3

Anzahl Nagios-Server: 1

Nagios-Version(en): 3.0

Verteiltes Monitoring: Nein

Redundantes Monitoring: Nein

Anzahl-Hosts: 20

Anzahl Services: 20

Betriebssystem(e): Debian

Plugin-Version(en): 1.4

NDO-Version: 1

16.08.2011, 13:24

Thank you. In my real config I have real AD user and other real information. I simply replace them on abstract names in this topic.
As you see in log:

	Quellcode
1 2	[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.LDAP Successfully bind (dn=) [Tue Aug 16 10:50:14 2011] [info] Auth.Provider.LDAP connection successfully (ldap://comp.city.my)

I read all manuals, mailing-lists for icinga-web and this article too.

But I don't solve this problem for this time.

P.S.
PHP Version 5.3.3-7+squeeze3
LDAP Support enabled
RCS Version $Id: ldap.c 299434 2010-05-17 20:09:42Z pajoye $
Total Links 0/unlimited
API Version 3001
Vendor Name OpenLDAP
Vendor Version 20423
SASL Support Enabled

Dieser Beitrag wurde bereits 1 mal editiert, zuletzt von »Andrey123q« (16.08.2011, 13:34)

Zum Seitenanfang

Andrey123q

Anfänger

Beiträge: 3

Anzahl Nagios-Server: 1

Nagios-Version(en): 3.0

Verteiltes Monitoring: Nein

Redundantes Monitoring: Nein

Anzahl-Hosts: 20

Anzahl Services: 20

Betriebssystem(e): Debian

Plugin-Version(en): 1.4

NDO-Version: 1

16.08.2011, 16:30

I had edit file .../Auth/Provider/LDAPModel.class.php and write

	Quellcode
1	$res = ($ldap, "OU=MyOU,DC=comp,DC=city,DC=my", $filter);

After that I had another ERROR:

Quellcode

[Tue Aug 16 17:19:38 2011] [debug] Auth.Provider.LDAP Successfully bind (dn=)
[Tue Aug 16 17:19:38 2011] [info] Auth.Provider.LDAP connection successfully (ldap://comp.city.my)
[Tue Aug 16 17:19:38 2011] [debug] Auth.Provider.LDAP Prepare LDAPsearch (base=CN=ldapuser,OU=MyOU,DC=comp,DC=city,DC=my, filter=(objectClass=*))
[Tue Aug 16 17:19:38 2011] [info] Auth.Dispatch: Delegate authentication (not_authoritative=msad-ldap1,user=ldapuser)

Zum Seitenanfang

Nagios-/Icinga-Portal

LDAP Auth problem for icinga-web

LDAP Auth problem for icinga-web

Quellcode

Quellcode

Quellcode

Quellcode

Quellcode

Ähnliche Themen