Skip to main content

Posts

Showing posts from November, 2018

Icinga2 - Setting up LDAP for Users and Groups

I recently had to set up LDAP-Authentication for Icinga2   Even though the Documentation on the user-setup is quite good, the Documentation about groups and ldap is missing some informations. So here is what I had to do, to get this working. In this environment I already had two IPA-Servers set up with replication. These will take care of LDAP and DNS for me. My Client is joined to the IPA-Domain. First, let's create a resouce for our ldap-connection, the parameters are pretty self explanatory. [archy@icinga2 ~]$ sudo vim /etc/icingaweb2/resources.ini ... [auth-ipa] type = "ldap" hostname = "ipasrv02.archyslife.lan" port = "636" root_dn = "dc=archyslife,dc=lan" bind_dn = "uid=icinga-bind,cn=users,cn=accounts,dc=archyslife,dc=lan" bind_pw = "some_secret_password" encryption = "ldaps" ... Next, let's take care of the user-authentication using our LDAP-Connection