On 24.09.2013 19:58, Brian Meyer wrote:
>
> I'm using packages from repoforge as mentioned in the install guide on
> the Icinga WIki
> https://wiki.icinga.org/display/howtos/Setting+up+Icinga+with+IDOUtils+on+RHEL

Mh ok so the outdated packages.

>    I'm editing the ldap section of the auth.xml file in
> /etc/conf.d/icinga-web. I'm using ldaps (hope that works) and I've tried
> using  ldap://ldap.foo.bar
> <ae:parameter name="ldap_basedn">dc=foo,dc=bar</ae:parameter>
> <ae:parameter name="ldap_binddn">dc=foo,dc=bar</ae:parameter>  (I've
> tried adding cn="a valid user" and no luck)

your binddn looks strange. how are you doing it with apache ldap auth 
for classic ui?

http://docs.icinga.org/latest/de/icinga-web-config.html#configweb-auth

> These are the errors I'm seeing in icinga-web log
>
> [Tue Sep 24 13:43:08 2013] [debug] Auth.Provider: Object (name=internal)
> initialized
> [Tue Sep 24 13:43:08 2013] [debug] Auth.Provider: Object (name=auth_key)
> initialized
> [Tue Sep 24 13:43:08 2013] [debug] Auth.Provider: Object
> (name=http-basic-authentication) initialized
> [Tue Sep 24 13:43:08 2013] [debug]
> Auth.Provider.HTTPBasicAuthentification: Got data (auth_name=, auth_type=)
> [Tue Sep 24 13:43:08 2013] [debug] Auth.Provider: Object
> (name=openldap-ldap1) initialized
> [Tue Sep 24 13:43:24 2013] [debug] Auth.Dispatch: Starting authenticate
> (username=meyerb)
> [Tue Sep 24 13:43:24 2013] [info] Auth.Dispatch: Converting username to
> lowercase
> [Tue Sep 24 13:43:24 2013] [debug] Auth.Dispatch: User testuser not
> found, try to import
> [Tue Sep 24 13:43:24 2013] [debug] Auth.Provider: Object (name=internal)
> initialized
> [Tue Sep 24 13:43:24 2013] [debug] Auth.Provider: Object (name=auth_key)
> initialized
> [Tue Sep 24 13:43:24 2013] [debug] Auth.Provider: Object
> (name=http-basic-authentication) initialized
> [Tue Sep 24 13:43:24 2013] [debug] Auth.Provider: Object
> (name=openldap-ldap1) initialized
> [Tue Sep 24 13:43:24 2013] [debug] Auth.Dispatch/import: openldap-ldap1
> will provide the user profile
> [Tue Sep 24 13:43:24 2013] [debug] Auth.Provider.LDAP Try LDAP connect
> (dsn=ldap://ldap.foo.bar,bind=true)
> [Tue Sep 24 13:43:24 2013] [debug] Auth.Provider.LDAP got resource
> Resource id #267
so the connect happens.
> [Tue Sep 24 13:43:24 2013] [fatal] Uncaught AppKitPHPError: PHP Error
> ldap_bind(): Unable to bind to server: No such object
> (/usr/share/icinga-web/app/modules/AppKit/models/Auth/Provider/LDAPModel.class.php:235)
> (/usr/share/icinga-web/app/modules/AppKit/lib/logging/AppKitExceptionHandler.class.php:59)
> [Tue Sep 24 13:43:24 2013] [error] Auth.Provider.LDAP Bind failed:
> (dn=dc=foo,dc=bar)
> [Tue Sep 24 13:43:24 2013] [error] Auth.Dispatch/import: Import failed
> (provider=openldap-ldap1,msg=Auth.Provider.LDAP: Bind failed)
but the binddn fails. docs url see above.

> Ok, that's cool.Do you recommend starting from scratch and doing a src
> install? I just want to be up to date and avoid security concerns/bugs.
> I read on the monitoring portal that icinga-web up to 1.8.2 had an issue
> not submitting the base DN properly.

Until everything is sorted I do recommend building rpms by yourself. The 
spec files on repoforge are 1:1 the same as shipped with the tarball. 
https://wiki.icinga.org/display/howtos/Build+Icinga+RPMs But keep in 
mind that it's recommended to keep core and web versions the same (i.e. 
1.9.x and 1.9.x)
> Very sorry about my rudeness, won't happen again. I'm a new nagios admin
> and I'm trying to make the switch to Icinga.. just been running into
> roadblocks and yesterday was a huge headache. VERY SORRY!
>
> Thank You for your help, it is truly appreciated !
^_^

kind regards,
Michael



-- 
DI (FH) Michael Friedrich

mail:     michael.friedr...@gmail.com
twitter:  https://twitter.com/dnsmichi
jabber:   dnsmi...@jabber.ccc.de
irc:      irc.freenode.net/icinga dnsmichi

icinga open source monitoring
position: lead core developer
url:      https://www.icinga.org


------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
_______________________________________________
icinga-users mailing list
icinga-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/icinga-users

Reply via email to