Hello,
I have Icinga 2 (v2.3.9) installed with Icinga Web 2 (2.0.0-4) on CentOS 7 with
all latest updates of stable releases (OS+Icinga). I would like to have AD
authentication, but it doesn't work. DB authentication works fine and all the
rest of the configuration seems to be okay too.
My AD configuration:
resources.ini
[ad]
type = ldap
hostname = adserver.xxx.xxx.com
port = 389
root_dn = "OU=Accounts,DC=xxx,DC=xxx,DC=com"
bind_dn = "CN=Bind,OU=Accounts,DC=xxx,DC=xxx,DC=com"
password = pa$$w0rd
authentication.ini
[auth_ad]
backend = "msldap"
resource = "ad"
Per default I get the following two options after logging in:
LDAP User Object Class = user
LDAP User Name Attribute = sAMAccountName
But authentication doesn't work with the following error:
LDAP query "(objectClass=user)" (base OU=Accounts,DC=xxx,DC=xxx,DC=com) failed.
Error: Operations error
Here is also more output:
#0 /usr/share/php/Icinga/Protocol/Ldap/Connection.php(252):
Icinga\Protocol\Ldap\Connection->runQuery(Object(Icinga\Protocol\Ldap\Query))
#1 /usr/share/php/Icinga/Data/SimpleQuery.php(530):
Icinga\Protocol\Ldap\Connection->count(Object(Icinga\Protocol\Ldap\Query))
#2 /usr/share/php/Icinga/Repository/RepositoryQuery.php(511):
Icinga\Data\SimpleQuery->count()
#3 [internal function]: Icinga\Repository\RepositoryQuery->count()
#4
zend.view:///usr/share/icingaweb2/application/views/scripts/user/list.phtml(29):
count(Object(Icinga\Repository\RepositoryQuery))
#5 /usr/share/php/Icinga/Web/View.php(204): include('zend.view:///us...')
#6 /usr/share/icingaweb2/library/vendor/Zend/View/Abstract.php(877):
Icinga\Web\View->_run('/usr/share/icin...')
#7
/usr/share/icingaweb2/library/vendor/Zend/Controller/Action/Helper/ViewRenderer.php(893):
Zend_View_Abstract->render('user/list.phtml')
#8
/usr/share/icingaweb2/library/vendor/Zend/Controller/Action/Helper/ViewRenderer.php(914):
Zend_Controller_Action_Helper_ViewRenderer->renderScript('user/list.phtml',
NULL)
#9
/usr/share/icingaweb2/library/vendor/Zend/Controller/Action/Helper/ViewRenderer.php(953):
Zend_Controller_Action_Helper_ViewRenderer->render()
#10
/usr/share/icingaweb2/library/vendor/Zend/Controller/Action/HelperBroker.php(272):
Zend_Controller_Action_Helper_ViewRenderer->postDispatch()
#11 /usr/share/icingaweb2/library/vendor/Zend/Controller/Action.php(518):
Zend_Controller_Action_HelperBroker->notifyPostDispatch()
#12
/usr/share/icingaweb2/library/vendor/Zend/Controller/Dispatcher/Standard.php(303):
Zend_Controller_Action->dispatch('listAction')
#13 /usr/share/icingaweb2/library/vendor/Zend/Controller/Front.php(937):
Zend_Controller_Dispatcher_Standard->dispatch(Object(Icinga\Web\Request),
Object(Icinga\Web\Response))
#14 /usr/share/php/Icinga/Application/Web.php(154):
Zend_Controller_Front->dispatch(Object(Icinga\Web\Request),
Object(Icinga\Web\Response))
#15 /usr/share/php/Icinga/Application/webrouter.php(111):
Icinga\Application\Web->dispatch()
#16 /usr/share/icingaweb2/public/index.php(4):
require_once('/usr/share/php/...')
#17 {main}
Now I am not sure whether I have a false configuration or AD authentication
doesn't work with my versions installed. Any help appreciated.
Regards
Timo Golovanov
_______________________________________________
icinga-users mailing list
[email protected]
https://lists.icinga.org/mailman/listinfo/icinga-users
