/ Monitoring

Authentification Active Directory sur LibreNMS

Je met en ligne une procédure de mise en place de l'authentification LDAP Active Directory sur LibreNMS.

Prérequis :

  • Contrôleur de domaine Microsoft Active Directory

apt update && apt install -y php7.0-ldap

nano /opt/librenms/config.php

$config['auth_mechanism'] = "active_directory";

$config['auth_ad_url']                     = "ldap://exemple.com";
$config['auth_ad_domain']                  = "exemple.com";
$config['auth_ad_base_dn']                 = "OU=MONENTREPRISE,dc=exemple,dc=com";
$config['auth_ad_check_certificates']      = false;
$config['auth_ad_binduser']                = 'bind';
$config['auth_ad_bindpassword']            = 'passwordbind';
$config['auth_ad_timeout']                 = 5;
$config['auth_ad_debug']                   = false;
$config['active_directory']['users_purge'] = 30;
$config['auth_ad_require_groupmembership'] = true;

# Groupe Administrateur
$config['auth_ad_groups']['librenms_adm']['level'] = 10;

€ Groupe Utilisateur (level 7)
$config['auth_ad_groups']['librenms_usr']['level']  = 7;

/opt/librenms/scripts/auth_test.php -u bind

Si tout se déroule parfaitement vous devez obtenir ce type de résultat.

Authentication Method: active_directory
AD bind success
Password:
Authenticate user bind:
AUTH SUCCESS

User (-1):
Groups: CN=librenms_ADM,OU=Admins,OU=MONENTREPRISE,DC=exemple,DC=com; CN=librenms_USR,OU=Users,OU=MONENTREPRISE,DC=exemple,DC=com