Hi,
I have configured Observium to authenticate against ldap and it works great. This is my configuration for authentication:
$config['auth_mechanism'] = "ldap"; $config['auth_ldap_version'] = 3; $config['auth_ldap_server'] = "ldap.example.net"; $config['auth_ldap_port'] = 389; $config['auth_ldap_starttls'] = FALSE; $config['auth_ldap_prefix'] = "uid="; $config['auth_ldap_suffix'] = ",ou=People,dc=example,dc=net"; $config['auth_ldap_group'] = "cn=observium,ou=Groups,dc=example,dc=net";
Everything works as expected until I get to this point. When I go to add a new device or view the global configuration, I get the message:
ERROR You have insufficient permissions to view this page.
I have confirmed that I am in the observium-admin group. This is what I have for group permissions:
$config['auth_ldap_groupbase'] = "ou=Groups,dc=example,dc=net"; $config['auth_ldap_groups']['observium-admin']['level'] = 10;
There is nothing relevant in the observium.log.
Is there something that I am missing or does anyone have thought that might help me resolve this issue?
Thanks in advance for any hints you can throw my way!
Tracy
I think I have it working, using clues found in includes/defaults.inc.php
$config['auth_mechanism'] = "ldap"; $config['auth_ldap_version'] = 3; $config['auth_ldap_server'] = "ldap.example.net"; $config['auth_ldap_port'] = 389; $config['auth_ldap_starttls'] = FALSE; $config['auth_ldap_prefix'] = "uid="; $config['auth_ldap_suffix'] = ",ou=People,dc=example,dc=net"; $config['auth_ldap_group'] = "cn=observium,ou=Groups,dc=example,dc=net"; $config['auth_ldap_groupbase'] = "ou=Groups,dc=example,dc=net";
// $config['auth_ldap_groupmembertype'] = "nodn"; // Available membertypes: 'nodn' (default, used $username); // 'fulldn' ($config['auth_ldap_prefix'] . $username . $config['auth_ldap_suffix']) $config['auth_ldap_groupmembertype'] = "fulldn";
// $config['auth_ldap_groupmemberattr'] = "memberUid"; $config['auth_ldap_groupmemberattr'] = "uniquemember"; // Use your unique attribute for username, example "uniqueMember".
$config['auth_ldap_groups']['observium-admin']['level'] = 10; $config['auth_ldap_groups']['observium-support']['level'] = 1;
I hope this helps out others.
Thanks for the fantastic app Adam!
Tracy
On May 30, 2013, at 9:27 AM, Tracy Phillips tracphil@mantoso.com wrote:
Hi,
I have configured Observium to authenticate against ldap and it works great. This is my configuration for authentication:
$config['auth_mechanism'] = "ldap"; $config['auth_ldap_version'] = 3; $config['auth_ldap_server'] = "ldap.example.net"; $config['auth_ldap_port'] = 389; $config['auth_ldap_starttls'] = FALSE; $config['auth_ldap_prefix'] = "uid="; $config['auth_ldap_suffix'] = ",ou=People,dc=example,dc=net"; $config['auth_ldap_group'] = "cn=observium,ou=Groups,dc=example,dc=net";
Everything works as expected until I get to this point. When I go to add a new device or view the global configuration, I get the message:
ERROR You have insufficient permissions to view this page.
I have confirmed that I am in the observium-admin group. This is what I have for group permissions:
$config['auth_ldap_groupbase'] = "ou=Groups,dc=example,dc=net"; $config['auth_ldap_groups']['observium-admin']['level'] = 10;
There is nothing relevant in the observium.log.
Is there something that I am missing or does anyone have thought that might help me resolve this issue?
Thanks in advance for any hints you can throw my way!
Tracy
observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
participants (1)
-
Tracy Phillips