Looking Out for Potholes: Cacti LDAP Authentication with Active Directory

Friday, August 2, 2013

Cacti LDAP Authentication with Active Directory

Cacti 0.8.8a
Windows 2008 R2 Domain Level

yum install php-ldap

Settings -> Authentication -> LDAP Authentication

LDAP used for admins only, graph readers will use the guest account

Guest User: No User
User Template: admin
Server: FQDN of domain controller
Port Standard: 389
Port SSL: 636
Protocol Version: Version 3
Referrals: Disabled
Mode: Specific Searching
Distinguished Name: Blank
Require Group Membership: Not Checked
Group Distinguished Name: CN=cacti_admins,OU=groups_users,DC=foo,DC=domain,DC=com
Group Member Attribute: member
Group Member Type: Distinguished Name
Search Base: ou=groups_users,DC=foo,DC=domain,DC=com
Search Filter: (&(objectclass=user)(objectcategory=user)(userPrincipalName=*))
Search Distinguished Name: ldaplookupuser@foo.domain.com
Search Password: *********

Tips: Some users report issues trying to connect via local and LDAP in the same browser session, log out to test

2 comments:

UnknownNovember 4, 2013 at 1:05 AM
hi my man, how to setting for user client (view graph only) and setting graph view,

im setting user for acces cacti on LDAP
ReplyDelete
Replies
UnknownDecember 31, 2014 at 4:10 AM
in my case we dont have Search Distinguished Name: ldaplookupuser@foo.domain.com
Search Password: ********* so how to proceed
ReplyDelete
Replies

Add comment