Nagios3 frontend with ldap auth


Default setup of nagios on on of our systems had .htaccess auth method setup, and with growing number of users we needed to change to a more centralized and manageable auth method. We decided to include Nagios into our LDAP infrastructure and let Apache web server do the most of the work.


Since nagios is in a seperate vhost, we deleted the default .htaccess auth part and replaced it with:

    AuthBasicProvider ldap
    AuthType Basic
    AuthzLDAPAuthoritative on
    AuthName "Nagios Web Browsing"
    AuthLDAPURL "ldap://ldap.test/ou=People,dc=test?userid?sub?(objectClass=*)" NONE
    AuthLDAPBindDN "cn=proxyuser,ou=People,dc=test"
    AuthLDAPBindPassword IamAsecret
    Require valid-user

#       AuthName "Nagios Access"
#       AuthType Basic
#       AuthUserFile /etc/nagios3/htpasswd.users
#       # nagios 1.x:
#       #AuthUserFile /etc/nagios/htpasswd.users
#       require valid-user

Dont forget to enable the module for apache:

a2enmod authnz_ldap

and restart apache deamon:

/etc/init.d/apache2 restart

Finally in nagios config files we need to change following entries in:

vim /etc/nagios3/cgi.cfg

Now apache is doing the authorization of users, and every user is allowed to do edits on web frontend.


Author: S4mur4i

Happy in the unhappy world.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s