Can't get AD Authentication working

gonzo · 20 April 2021 12:37

====================================

Component	Version
LibreNMS	21.4.0-2-g3f0f133ee
DB Schema	2021_04_08_151101_add_foreign_keys_to_port_group_port_table (208)
PHP	7.4.3
Python	3.8.5
MySQL	10.3.25-MariaDB-0ubuntu0.20.04.1
RRDTool	1.7.2
SNMP	NET-SNMP 5.8

====================================

[OK] Composer Version: 2.0.12
[OK] Dependencies up-to-date.
[OK] Database connection successful
[OK] Database schema correct
[WARN] Your local git contains modified files, this could prevent automatic updates.
[FIX]:
You can fix this with ./scripts/github-remove
Modified Files:
rrd/.gitignore

Hello,

I’ve got AD authentication working on our other LibreNMS server which is in another domain, but I can’t get this new instance of LibreNMS working in this other domain.

Is there a log file that might give me a hint to the issue?

I’ve already ran apt-get install php-ldap

This it roughly what my config.php looks like:
#$config['auth_mechanism'] = 'active_directory';
#$config['auth_ad_url'] = 'ldap://192.168.10.10';    // Set server(s), space separated. Prefix with ldaps:// for ssl
#$config['auth_ad_domain'] = 'thisdomain.com';
#$config['auth_ad_base_dn'] = 'dc=thisdomain,dc=com';         // groups and users must be under this dn
#$config['auth_ad_check_certificates'] = false;             // require a valid ssl certificate
#$config['auth_ad_binduser'] = '[email protected]';          // bind user (non-admin)
#$config['auth_ad_bindpassword'] = 'myadpassword';      // bind password
#$config['auth_ad_timeout'] = 5;                           // time to wait before giving up (or trying the next server)
#$config['auth_ad_debug'] = false;                         // enable for verbose debug messages
#$config['active_directory']['users_purge'] = 30;          // purge users who haven't logged in for 30 days.
#$config['auth_ad_require_groupmembership'] = true;        // false: allow all users to auth level 0
#$config['auth_ad_groups']['Admin-LibrenmsAdmins']['level'] = 10; // set the "AD AdminGroup" group to admin level
#$config['auth_ad_groups']['Admin-LibrenmsUsers']['level'] = 5;   // set the "AD UserGroup" group to global read only level

system · 20 July 2021 18:37

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.