Posts Tagged ‘ldap’

Apache: setting up ldap for authentication for Nagios

Thursday, December 3rd, 2009

We already have LDAP running in my environment. So, with SLES 10 SP3 and Apache here is a quick way to get your web based Nagios application using your LDAP system.

  1. Set up your nagios.conf file under /etc/apache2/conf.d
  2. Add the following lines to the nagios share
       AuthName   LDAP_Auth_Test                  
       AuthBasicProvider ldap                     
       AuthzLDAPAuthoritative off
       AuthLDAPBindDN uid=your user name,dc=your domain,dc=com
       AuthLDAPBindPassword  password for your user name                         
       AuthLDAPURL ldap://ldap.com:389/dc=your value
    ,dc=your value,dc=com?uid?
    
  3. Change the permissions on the nagios.conf file to 400 with the Apache user as the owner. The reason is for security and the only user that needs to read the file is Apache. Don’t worry, root will be able to modify the file.
  4. Vi /etc/sysconfig/apache2 and add the following to the APACHE_MODULES section: authnz_ldap ldap
  5. Start Apache and you are finished. When someone connects to the application, they will receive the authentication text box, so they can enter their userid and password before entering the application.

NOTE: Users are only authenticating against the application. Once they leave the web application, they will be required to authenticate against your proxy server. That is considering you are running Nagios internally with apache on the same host.

Enjoy and I hope this helps.