On 24.09.2013 19:58, Brian Meyer wrote: > > I'm using packages from repoforge as mentioned in the install guide on > the Icinga WIki > https://wiki.icinga.org/display/howtos/Setting+up+Icinga+with+IDOUtils+on+RHEL
Mh ok so the outdated packages. > I'm editing the ldap section of the auth.xml file in > /etc/conf.d/icinga-web. I'm using ldaps (hope that works) and I've tried > using ldap://ldap.foo.bar > <ae:parameter name="ldap_basedn">dc=foo,dc=bar</ae:parameter> > <ae:parameter name="ldap_binddn">dc=foo,dc=bar</ae:parameter> (I've > tried adding cn="a valid user" and no luck) your binddn looks strange. how are you doing it with apache ldap auth for classic ui? http://docs.icinga.org/latest/de/icinga-web-config.html#configweb-auth > These are the errors I'm seeing in icinga-web log > > [Tue Sep 24 13:43:08 2013] [debug] Auth.Provider: Object (name=internal) > initialized > [Tue Sep 24 13:43:08 2013] [debug] Auth.Provider: Object (name=auth_key) > initialized > [Tue Sep 24 13:43:08 2013] [debug] Auth.Provider: Object > (name=http-basic-authentication) initialized > [Tue Sep 24 13:43:08 2013] [debug] > Auth.Provider.HTTPBasicAuthentification: Got data (auth_name=, auth_type=) > [Tue Sep 24 13:43:08 2013] [debug] Auth.Provider: Object > (name=openldap-ldap1) initialized > [Tue Sep 24 13:43:24 2013] [debug] Auth.Dispatch: Starting authenticate > (username=meyerb) > [Tue Sep 24 13:43:24 2013] [info] Auth.Dispatch: Converting username to > lowercase > [Tue Sep 24 13:43:24 2013] [debug] Auth.Dispatch: User testuser not > found, try to import > [Tue Sep 24 13:43:24 2013] [debug] Auth.Provider: Object (name=internal) > initialized > [Tue Sep 24 13:43:24 2013] [debug] Auth.Provider: Object (name=auth_key) > initialized > [Tue Sep 24 13:43:24 2013] [debug] Auth.Provider: Object > (name=http-basic-authentication) initialized > [Tue Sep 24 13:43:24 2013] [debug] Auth.Provider: Object > (name=openldap-ldap1) initialized > [Tue Sep 24 13:43:24 2013] [debug] Auth.Dispatch/import: openldap-ldap1 > will provide the user profile > [Tue Sep 24 13:43:24 2013] [debug] Auth.Provider.LDAP Try LDAP connect > (dsn=ldap://ldap.foo.bar,bind=true) > [Tue Sep 24 13:43:24 2013] [debug] Auth.Provider.LDAP got resource > Resource id #267 so the connect happens. > [Tue Sep 24 13:43:24 2013] [fatal] Uncaught AppKitPHPError: PHP Error > ldap_bind(): Unable to bind to server: No such object > (/usr/share/icinga-web/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php:235) > (/usr/share/icinga-web/app/modules/AppKit/lib/logging/AppKitExceptionHandler.class.php:59) > [Tue Sep 24 13:43:24 2013] [error] Auth.Provider.LDAP Bind failed: > (dn=dc=foo,dc=bar) > [Tue Sep 24 13:43:24 2013] [error] Auth.Dispatch/import: Import failed > (provider=openldap-ldap1,msg=Auth.Provider.LDAP: Bind failed) but the binddn fails. docs url see above. > Ok, that's cool.Do you recommend starting from scratch and doing a src > install? I just want to be up to date and avoid security concerns/bugs. > I read on the monitoring portal that icinga-web up to 1.8.2 had an issue > not submitting the base DN properly. Until everything is sorted I do recommend building rpms by yourself. The spec files on repoforge are 1:1 the same as shipped with the tarball. https://wiki.icinga.org/display/howtos/Build+Icinga+RPMs But keep in mind that it's recommended to keep core and web versions the same (i.e. 1.9.x and 1.9.x) > Very sorry about my rudeness, won't happen again. I'm a new nagios admin > and I'm trying to make the switch to Icinga.. just been running into > roadblocks and yesterday was a huge headache. VERY SORRY! > > Thank You for your help, it is truly appreciated ! ^_^ kind regards, Michael -- DI (FH) Michael Friedrich mail: michael.friedr...@gmail.com twitter: https://twitter.com/dnsmichi jabber: dnsmi...@jabber.ccc.de irc: irc.freenode.net/icinga dnsmichi icinga open source monitoring position: lead core developer url: https://www.icinga.org ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk _______________________________________________ icinga-users mailing list icinga-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/icinga-users
