[opsview-users] LDAP - Problems logging in

Tue, 28 Jul 2009 06:16:24 -0700 

Hi,
Im having an issue with LDAP authentication (Win2K3 Active Directory with CentOS 5.3 Opsview host OS). 

I have configured users in AD and placed them in a group: opsview-users

I have the group config file in the /usr/local/nagios/etc/ldap as 
opsview-users.xml and this is configured as per the docs


Important bits: (altered slightly from the example but more useful for us)

<name>%NAME%</name>
<username>%SAMACCOUNTNAME%</username>
<comment>%DESCRIPTION%</comment>
<email>%MAIL%</email>
<mobile>%MOBILE%</mobile>

<all_hostgroups>0</all_hostgroups>
<hostgroups>
<hostgroup name="TEST" />
</hostgroups>
<all_servicegroups>1</all_servicegroups>

I also made sure there is a host that is in the "TEST" hostgroup.


When I run opsview_sync_ldap -y , the job completes sucessfully and it 
populates the the database with the users which are in the opsview-users 
group,
all fields correct and boxes ticked as expected and everything appears 
to be fine.



The problem occurs when I attempt to log in as one of those users, this 
fails with:

"Username or password mismatch".

Turning on debugging reveals:

[Opsview.Web.Controller.Root] [WARN] Unsuccessful login: opsview.user, 
from x.x.x.x



So it appears this is an incorrect password/username issue but I have 
tried to reset passwords in AD, restart Opsview services,
re-sync the config after removing users from both AD and Opsview and it 
still gives the error..



AD does not show any failed authentication attempts but a tcpdump shows 
traffic when I hit enter on the login page.


# /usr/local/nagios/bin/opsview_sync_ldap -t -u opsview.user -p xxxxx
Able to connect to LDAP successfully
Checking username opsview.user

No user found for opsview.user at 
/usr/local/nagios/bin/opsview_sync_ldap line 106, <DATA> line 466.



Is there anything else I can look at to debug this?

Thanks.

Andy.


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

_______________________________________________
Opsview-users mailing list
[email protected]
http://lists.opsview.org/lists/listinfo/opsview-users






















					Reply via email to