{"id":1262,"date":"2017-07-28T15:14:27","date_gmt":"2017-07-28T14:14:27","guid":{"rendered":"http:\/\/diablo.craem.net\/?p=1262"},"modified":"2017-07-28T15:14:27","modified_gmt":"2017-07-28T14:14:27","slug":"nagios-openldap-auth-apache-2-4","status":"publish","type":"post","link":"https:\/\/diablo.craem.net\/?p=1262","title":{"rendered":"Nagios + openldap auth + apache 2.4"},"content":{"rendered":"<p>Esta vez, vamos a integrar la authenticaci\u00f3n de usuarios de nuestro nagios con nuestro openLDAP.<br \/>\nPrimero de todo, habilitamos los m\u00f3dulos ldap \/ authnz_ldap<br \/>\n<code><br \/>\na2enmod authnz_ldap<br \/>\na2enmod ldap<br \/>\n<\/code><br \/>\nModificamos el fichero de sites del nagios:<br \/>\n<code><br \/>\n#nano \/etc\/apache2\/sites-available\/nagios.conf<br \/>\n<\/code><br \/>\nY lo dejamos tal que:<br \/>\n<code><br \/>\n# SAMPLE CONFIG SNIPPETS FOR APACHE WEB SERVER<br \/>\n#<br \/>\n# This file contains examples of entries that need<br \/>\n# to be incorporated into your Apache web server<br \/>\n# configuration file.  Customize the paths, etc. as<br \/>\n# needed to fit your system.<\/code><br \/>\n<code><code><\/code><\/code><br \/>\nScriptAlias \/nagios\/cgi-bin \u00ab\/usr\/local\/nagios\/sbin\u00bb<br \/>\n<code><code><\/code><\/code><br \/>\n&lt;directory \u00ab=\u00bb\u00bb usr=\u00bb\u00bb local=\u00bb\u00bb nagios=\u00bb\u00bb sbin\u00bb=\u00bb\u00bb&gt;<br \/>\n# SSLRequireSSL<br \/>\nOptions ExecCGI<br \/>\nAllowOverride None<br \/>\n\u00ab&lt;\u00abIfVersion &gt;= 2.3&gt;<br \/>\nAuthType Basic<br \/>\nRequire all granted<br \/>\nAuthName \u00abNagios Access\u00bb<br \/>\nAuthLDAPURL \u00abldap:\/\/ldap.miserver.local\/dc=miserver,dc=local?uid?sub?(objectClass=*)\u00bb<br \/>\nAuthBasicprovider ldap<br \/>\nAuthUserFile \/dev\/null<br \/>\nRequire valid-user<br \/>\n\u00ab&lt;\u00abIfVersion &lt; 2.3&gt;<br \/>\nOrder allow,deny<br \/>\nAllow from all<br \/>\nAuthType Basic<br \/>\nRequire all granted<br \/>\nAuthName \u00abNagios Access\u00bb<br \/>\nAuthLDAPURL ldap:\/\/ldap.miserver.local\/dc=miserver,dc=local?uid?sub?(objectClass=*)<br \/>\nAuthBasicprovider ldap<br \/>\nAuthUserFile \/dev\/null<br \/>\nRequire valid-user<br \/>\n<code><code><\/code><\/code><br \/>\n<code><code><\/code><\/code><br \/>\nAlias \/nagios \u00ab\/usr\/local\/nagios\/share\u00bb<br \/>\n<code><code><\/code><\/code><br \/>\n&lt;directory \u00ab=\u00bb\u00bb usr=\u00bb\u00bb local=\u00bb\u00bb nagios=\u00bb\u00bb share\u00bb=\u00bb\u00bb&gt;<br \/>\n# SSLRequireSSL<br \/>\nOptions None<br \/>\nAllowOverride None<br \/>\n\u00ab&lt;\u00abIfVersion &gt;= 2.3&gt;<br \/>\nAuthType Basic<br \/>\nRequire all granted<br \/>\nAuthName \u00abNagios Access\u00bb<br \/>\nAuthLDAPURL ldap:\/\/ldap.miserver.local\/dc=miserver,dc=local?uid?sub?(objectClass=*)<br \/>\nAuthBasicprovider ldap<br \/>\nAuthUserFile \/dev\/null<br \/>\nRequire valid-user<br \/>\n<code><code><\/code><\/code><br \/>\n\u00ab&lt;\u00abIfVersion &lt; 2.3&gt;<br \/>\nOrder allow,deny<br \/>\nAllow from all<br \/>\nAuthType Basic<br \/>\nRequire all granted<br \/>\nAuthName \u00abNagios Access\u00bb<br \/>\nAuthLDAPURL ldap:\/\/ldap.miserver.local\/dc=miserver,dc=local?uid?sub?(objectClass=*)<br \/>\nAuthBasicprovider ldap<br \/>\nAuthUserFile \/dev\/null<br \/>\nRequire valid-user<br \/>\n<code><br \/>\n<\/code><br \/>\n<code><br \/>\n<\/code><br \/>\nAhora modificamos el nagios para que acepte los usuarios:<br \/>\n<code>\/<br \/>\n#nano \/usr\/local\/nagios\/etc\/cgi.cfg<br \/>\n<\/code><br \/>\nY dejamos las siguientes l\u00ed\u00adneas as\u00ed\u00ad:<br \/>\n<code><br \/>\nauthorized_for_system_information=*<br \/>\nauthorized_for_configuration_information=*<br \/>\nauthorized_for_system_commands=*<br \/>\nauthorized_for_all_services=*<br \/>\nauthorized_for_all_hosts=*<br \/>\nauthorized_for_all_service_commands=*<br \/>\nauthorized_for_all_host_commands=*<br \/>\n<\/code><br \/>\nReiniciamos apache + nagios y a probar !!!!!!!!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Esta vez, vamos a integrar la authenticaci\u00f3n de usuarios de nuestro nagios con nuestro openLDAP. Primero de todo, habilitamos los m\u00f3dulos ldap \/ authnz_ldap a2enmod authnz_ldap a2enmod ldap Modificamos el fichero de sites del nagios: #nano \/etc\/apache2\/sites-available\/nagios.conf Y lo dejamos tal que: # SAMPLE CONFIG SNIPPETS FOR APACHE WEB SERVER # # This file contains [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,8],"tags":[117,134],"class_list":["post-1262","post","type-post","status-publish","format-standard","hentry","category-linux","category-varios","tag-nagios","tag-openldap"],"_links":{"self":[{"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/posts\/1262","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1262"}],"version-history":[{"count":0,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=\/wp\/v2\/posts\/1262\/revisions"}],"wp:attachment":[{"href":"https:\/\/diablo.craem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1262"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1262"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/diablo.craem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1262"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}