Dear

We created a separate vhost for mysql (guest) logins and put a switch in the config file to switch between vhost / authentication methods. This way we also have different overview/frontpage layouts depending on which authentication method is used.

if ($_SERVER['SERVER_NAME'] == ‘observium.yourdomain.com'){

}elseif ($_SERVER['SERVER_NAME'] == ‘observium-guests.yourdomain.com’){

}

You of course cannot control LDAP user permissions while you’re logged on the MySQL vhost and vice versa since the administration panel will think you are using the one you are currently logged in to.

This option could of course also be a $_GET parameter (e.g. https://observium.yourdomain.com/?mysql_fallback)

And then have this in your config.php file

If (isset($_GET[‘mysql_fallback’])){

//ldap auth

}else{

//regular auth

}

We used to use the second method, but recently switched to the other for convenience (you lose the mysql fallback parameter once you enter an invalid user, or press logout and so on, the vhost one seems to work pretty seamless). If your sole reason is to have a fallback I think option 2 still seems like a decent enough option since you will rarely use it.

Kind regards

I found LDAP support in observium to be lacking significantly.

A jira-like method of authentication would be appreciated. Specifically the ability to use integrated and external sources for authentication at the same time. As well as permissions based on AD groups.