我研究了NagiosXI,将Kerberos与LADP集成以验证SSO,我进行了如下研究和配置,
HTTPD Conf文件如下:
ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"
<Directory "/usr/local/nagios/sbin">
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthType Kerberos
KrbAuthRealms OCP.ORG ##<--insert your Kerberos realm here
KrbServiceName HTTP
Krb5Keytab /etc/httpd/conf.d/webnagios.keytab ##<--create your own keytab
and configure the location
KrbMethodNegotiate on
KrbMethodK5Passwd on
AuthLDAPURL "ldap://<fqdn of domain controller>:3268/dc=ocp,dc=org?userPrincipalName?sub" NONE
AuthLDAPBindDN <account that has access to read your AD in the format accountname@domain.com>
AuthLDAPBindPassword <password for the account above>
Require ldap-group <DN path to group name>
</Directory>
Alias /nagios "/usr/local/nagios/share"
<Directory "/usr/local/nagios/share">
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthType Kerberos
KrbAuthRealms OCP.ORG. ##<--insert your Kerberos realm here
KrbServiceName HTTP
Krb5Keytab /etc/httpd/conf.d/webnagios.keytab. ##<--create your own keytab and configure the location
KrbMethodNegotiate on
KrbMethodK5Passwd on
AuthLDAPURL "ldap://<fqdn of domain controller>:3268/dc=ocp,dc=org?
userPrincipalName?sub" NONE
AuthLDAPBindDN <account that has access to read your AD in the format
accountname@domain.com>
AuthLDAPBindPassword <DN path to group name>
Require ldap-group <DN path to group name>
</Directory>
我已经生成了密钥表并尝试登录到NagiosXI主页,但是仍然提示输入凭据 我在某些地方迷路了,请帮助我,
谢谢