10.09.2011, 21:35 UTC+2

Sie sind nicht angemeldet.

LDAP Auth problem for icinga-web

Andrey123q

Anfänger

Beiträge: 3

Anzahl Nagios-Server: 1

Nagios-Version(en): 3.0

Verteiltes Monitoring: Nein

Redundantes Monitoring: Nein

Anzahl-Hosts: 20

Anzahl Services: 20

Betriebssystem(e): Debian

Plugin-Version(en): 1.4

NDO-Version: 1

1

16.08.2011, 10:12

LDAP Auth problem for icinga-web

Hello,
I have icinga-web/v1.5.0-dev. I can't login via MS AD ldap.
OS Debian 6.0, Icinga 1.0.2-2

This is my auth.xml:

Quellcode

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

                        AppKit
                        Auth.Provider.LDAP
                        true
                        true
                        true
                        true

                        
                                Name
                                Lastname
                                
                        

                        ldap://comp.city.my
                        DC=comp,DC=city,DC=my
                        
                        
                        sAMAccountName
                        
                

Log's:

Quellcode

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
[Tue Aug 16 10:50:14 2011] [debug] Auth.Dispatch: Starting authenticate (username=Name.LastName)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Dispatch: Userdata found in db (uid=7)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider: Object (name=msad-ldap1) initialized
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.LDAP Try LDAP connect (dsn=ldap://comp.city.my,bind=true)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.LDAP got resource Resource id #918
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.LDAP Successfully bind (dn=)
[Tue Aug 16 10:50:14 2011] [info] Auth.Provider.LDAP connection successfully (ldap://comp.city.my)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.LDAP Prepare LDAPsearch (base=Name.LastName, filter=(objectClass=*))
[Tue Aug 16 10:50:14 2011] [fatal] Uncaught AppKitPHPError: PHP Error ldap_search(): Search: Invalid DN syntax (/usr/local/icinga-web/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php:102) (/usr/local/icinga-web/app/modules/AppKit/lib/logging/AppKitExceptionHandler.class.php:37)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.LDAP Error: Invalid DN syntax (errno=34,resource=918)
[Tue Aug 16 10:50:14 2011] [info] Auth.Dispatch: Delegate authentication (not_authoritative=msad-ldap1,user=Name.LastName)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider: Object (name=internal) initialized
[Tue Aug 16 10:50:14 2011] [debug] Auth.Dispatch: Delegate authentication, try internal (not_authoritative=msad-ldap1,user=Name.LastName)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.Database: HASH(a4d18531ff30f8a1d305c723a3f67f6ba595dc4d053bde70a077ca282d341a80)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider: Object (name=auth_key) initialized
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider: Object (name=http-basic-authentication) initialized
[Tue Aug 16 10:50:14 2011] [debug] Auth.Dispatch: Delegate authentication, try http-basic-authentication (not_authoritative=msad-ldap1,user=Name.LastName)
[Tue Aug 16 10:50:14 2011] [error] Auth.Dispatch: Delegate authentication, no providers found for Name.LastName (not_authoritative=msad-ldap1)
[Tue Aug 16 10:50:14 2011] [debug] Auth.Dispatch: User cound not authorized (username=Name.LastName)
[Tue Aug 16 10:50:14 2011] [error] Userlogin by Name.LastName failed!


How to solve this problem?

bernd_erk

Schüler

Beiträge: 145

Geschlecht: Männlich

Wohnort: Nürnberg

Anzahl Nagios-Server: -

Nagios-Version(en): -

Icinga-Version(en): 1.3

Verteiltes Monitoring: Ja

Redundantes Monitoring: Ja

Anzahl-Hosts: -

Anzahl Services: -

Betriebssystem(e): Debian

Plugin-Version(en): -

2

16.08.2011, 12:29

Hello Andrey,

have you tried to replace Name and Lastname. Please checkout the wiki https://wiki.icinga.org/display/howtos/B…nfor+icinga-web

Regards

Bernd
NETWAYS GmbH http://www.netways.de
NETWAYS Blog http://blog.netways.de

Andrey123q

Anfänger

Beiträge: 3

Anzahl Nagios-Server: 1

Nagios-Version(en): 3.0

Verteiltes Monitoring: Nein

Redundantes Monitoring: Nein

Anzahl-Hosts: 20

Anzahl Services: 20

Betriebssystem(e): Debian

Plugin-Version(en): 1.4

NDO-Version: 1

3

16.08.2011, 13:24

Thank you. In my real config I have real AD user and other real information. I simply replace them on abstract names in this topic.
As you see in log:

Quellcode

1
2
[Tue Aug 16 10:50:14 2011] [debug] Auth.Provider.LDAP Successfully bind (dn=)
 [Tue Aug 16 10:50:14 2011] [info] Auth.Provider.LDAP connection successfully (ldap://comp.city.my)


I read all manuals, mailing-lists for icinga-web and this article too.

But I don't solve this problem for this time.

P.S.
PHP Version 5.3.3-7+squeeze3
LDAP Support enabled
RCS Version $Id: ldap.c 299434 2010-05-17 20:09:42Z pajoye $
Total Links 0/unlimited
API Version 3001
Vendor Name OpenLDAP
Vendor Version 20423
SASL Support Enabled

Dieser Beitrag wurde bereits 1 mal editiert, zuletzt von »Andrey123q« (16.08.2011, 13:34)


Andrey123q

Anfänger

Beiträge: 3

Anzahl Nagios-Server: 1

Nagios-Version(en): 3.0

Verteiltes Monitoring: Nein

Redundantes Monitoring: Nein

Anzahl-Hosts: 20

Anzahl Services: 20

Betriebssystem(e): Debian

Plugin-Version(en): 1.4

NDO-Version: 1

4

16.08.2011, 16:30

I had edit file .../Auth/Provider/LDAPModel.class.php and write

Quellcode

1
$res = ($ldap, "OU=MyOU,DC=comp,DC=city,DC=my", $filter);


After that I had another ERROR:

Quellcode

1
2
3
4
[Tue Aug 16 17:19:38 2011] [debug] Auth.Provider.LDAP Successfully bind (dn=)
[Tue Aug 16 17:19:38 2011] [info] Auth.Provider.LDAP connection successfully (ldap://comp.city.my)
[Tue Aug 16 17:19:38 2011] [debug] Auth.Provider.LDAP Prepare LDAPsearch (base=CN=ldapuser,OU=MyOU,DC=comp,DC=city,DC=my, filter=(objectClass=*))
[Tue Aug 16 17:19:38 2011] [info] Auth.Dispatch: Delegate authentication (not_authoritative=msad-ldap1,user=ldapuser)

Ähnliche Themen

  • Order allow,deny Allow from all AuthName "OMD Monitoring Site nagios" AuthType Basic AuthBasicPr...">