Just as an update, I was able to solve this issue. Apparently it had nothing to do with the LDAP authentication and everything to do with the way Puppet was declaring some of my Nagios_contacts. I was under the false assumption that setting the can_submit_commands to True would then be translated to 1 within Icinga. Instead, puppet set the line as can_submit_commands true, which causes Icinga to silently evaluate that as 0.
Thanks for the help anyhow. I'll take a look at WATO for distributed checks I think. On Wed, 2013-10-09 at 05:43 +0000, Marco Klipp wrote: > Carmen, > > we also use omd 1.0 and LDAP authentication. > I only added users with WATO and defined normal and Standard Users. > The definition in auth.conf is the same as yours. > But we use the MK_GUI. > This worked for us. > No changes in cgi.cfg! > > Marco > > > Am Dienstag, den 08.10.2013, 15:29 +0000 schrieb De Vito, Carmen: > > I am currently running OMD 1.00 with Icinga as the core on a CentOS 6.4 > > server. I currently have LDAP authentication added into > > the /omd/sites/<SITENAME>/etc/apache/conf.d/auth.conf config file. > > Additionally, I have added the test ldap user's username for the > > following parameters in cgi.cfg: > > > > authorized_for_system_information=omdadmin,ldapuser > > authorized_for_configuration_information=omdadmin,ldapuser > > authorized_for_full_command_resolution=omdadmin,ldapuser > > authorized_for_system_commands=omdadmin,ldapuser > > authorized_for_all_services=omdadmin,ldapuser > > authorized_for_all_hosts=omdadmin,ldapuser > > authorized_for_all_service_commands=omdadmin,ldapuser > > authorized_for_all_host_commands=omdadmin,ldapuser > > > > After restarting the OMD site, I am able to log into the Icinga Classic > > UI and see all of the hosts and services correctly as ldapuser, but > > whenever I try and commit any command to cmd.cgi, it kicks back stating > > I am "Not Authorized". This does not occur for any users defined in the > > htpasswd file used normally, only users in LDAP. Is there an > > environmental variable or something I should try and set in this case? > > > > _______________________________________________ > > omd-users mailing list > > [email protected] > > http://lists.mathias-kettner.de/mailman/listinfo/omd-users > > > ______________________________________________________________________ > > This email including its attachments is intended for the person or > entity only to which it is addressed. It may contain confidential > and/or privileged material. Any review, forwarding, dissemination, > other use of, or taking of any action in reliance upon this > information by persons or entities other than the intended recipient > is prohibited. If you received this email in error, please contact the > sender and delete the material from any computer system. > > ______________________________________________________________________ > > > Eppendorf AG, Hamburg, Barkhausenweg 1, 22339 Hamburg, Amtsgericht > Hamburg HRB 76249 > Vors. des Aufsichtsrats: Klaus Fink > Vorstand: Dr. Dirk Ehlers (Vorsitzender), Detmar Ammermann, Dr. Heinz > G. Koehn, Dr. Michael Schroeder > > Eppendorf Instrumente GmbH, Hamburg, Amtsgericht Hamburg, HRB 69077 > Geschäftsführer: Rainer Treptow, Dr. Wilhelm Pluester > > Eppendorf Liquid Handling GmbH, Hamburg, Amtsgericht Hamburg, HRB > 92250 > Geschäftsführer: Boris von Beichmann _______________________________________________ omd-users mailing list [email protected] http://lists.mathias-kettner.de/mailman/listinfo/omd-users
