LibreNMS with LDAP with working configuration setup

Is there anyone that actually implemented LibreNMS with OpenLDAP authentication? I would like to hear from those that actually have implemented it to share the openldap configuration setup by the dump of the OpenLDAP and the copy of the config.php of librenms. Reason is that I have posted for assistance and only have responded, but have not given much help. So I am posting this to those who actually have implemented this with latest version of LibreNMS and share the configuration setup so I can see where the problem lies wiht our OpenLDAP configuration and LibreNMS to have it working properly.

I don’t use openldap but for ad for libre I have the following working config:

# LDAP auth
$config['auth_mechanism'] = 'active_directory';
$config['auth_ad_url'] = 'ldap://server2 ldap://server1';    // Set server(s), space separated. Prefix with ldaps:// for ssl
$config['auth_ad_domain'] = 'domain.local';
$config['auth_ad_base_dn'] = 'dc=domain,dc=local';         // groups and users must be under this dn
$config['auth_ad_check_certificates'] = false;             // require a valid ssl certificate
$config['auth_ad_binduser'] = 'ldap_user';          // bind user (non-admin)
$config['auth_ad_bindpassword'] = 'randomldappw';      // bind password
$config['auth_ad_timeout'] = 5;                           // time to wait before giving up (or trying the next server)
$config['auth_ad_debug'] = false;                         // enable for verbose debug messages
$config['active_directory']['users_purge'] = 30;          // purge users who haven't logged in for 30 days.
$config['auth_ad_require_groupmembership'] = true;        // false: allow all users to auth level 0
$config['auth_ad_groups']['Team_X']['level'] = 10; // set the "AD AdminGroup" group to admin level
$config['auth_ad_groups']['Team_Y']['level'] = 10;
$config['auth_ad_groups']['Teams_Z']['level'] = 5;   // set the "AD UserGroup" group to global read only level
$config['auth_ad_require_groupmembership'] = 1;         //AD user must be part of an AD group

Sorry to dig up an old thread, but I came across this and initially this config didn’t work out. /opt/librenms/validate.php kept failing for what appeared to be syntax errors - though they looked correct.

I finally figured out that by copying and pasting, the quotation marks inserted were a different font to the original config formatting. Once I went through and updated them all, the config worked as expected.

Thanks very much for the help :slight_smile:

Hi @mackov83
The text is now fixed. copy/paste should be ok now.