Integration of Centreon with Active Directory

If we want to join Centreon to Active Directory, so that access is delegated to centralized accounts instead of local users, or simply because it is good practice, here are the steps we'll need.

We can connect by LDAP, but as a good practice we will use the secure channel, LDAPS. If we connect via LDAPS to a domain controller (DC) and the certificate is invalid, or our machine doesn't trust it or the CA that signed it, we will allow self-signed certificates in LDAPS by adding the following line to the CentOS LDAP configuration file /etc/openldap/ldap.conf:

TLS_REQCERT never

And we restart Apache:

systemctl restart httpd24-httpd
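
`TLS_REQCERT never` makes the LDAP client accept any certificate the DC presents, so the stricter alternative is to trust the CA that signed it. The following script is an added example, not part of the original post: it flags that setting in an ldap.conf-style file and writes a copy that verifies against a CA file. The CA path and the sample file are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumption: CA_FILE is a hypothetical path holding the PEM export of the CA
# that signed the domain controllers' LDAPS certificates.
CA_FILE="${CA_FILE:-/etc/openldap/certs/ad-ca.pem}"

# audit_ldap_conf FILE -> prints weak | no-ca | ok
#   weak  : an active TLS_REQCERT line is "never" or "allow"
#   no-ca : no active TLS_CACERT/TLS_CACERTDIR line names a CA in this file
audit_ldap_conf() {
    awk '
        toupper($1) == "TLS_REQCERT" {
            v = tolower($2)
            if (v == "never" || v == "allow") weak = 1
        }
        toupper($1) == "TLS_CACERT" || toupper($1) == "TLS_CACERTDIR" { ca = 1 }
        END { print (weak ? "weak" : (ca ? "ok" : "no-ca")) }
    ' "$1"
}

# harden_ldap_conf IN OUT: copy IN to OUT, dropping active TLS_REQCERT and
# TLS_CACERT lines (commented-out ones are kept), then append the strict pair.
harden_ldap_conf() {
    awk 'toupper($1) != "TLS_REQCERT" && toupper($1) != "TLS_CACERT"' "$1" > "$2"
    printf 'TLS_CACERT %s\nTLS_REQCERT demand\n' "$CA_FILE" >> "$2"
}

# Constructed sample: a client config containing the line the post adds.
demo_dir=$(mktemp -d)
cat > "$demo_dir/ldap.conf" <<'EOF'
# constructed sample ldap.conf
SASL_NOCANON on
TLS_REQCERT never
EOF
echo "before: $(audit_ldap_conf "$demo_dir/ldap.conf")"
harden_ldap_conf "$demo_dir/ldap.conf" "$demo_dir/ldap.conf.new"
echo "after:  $(audit_ldap_conf "$demo_dir/ldap.conf.new")"
rm -rf "$demo_dir"
```

With `TLS_REQCERT demand` the client also checks that the server name it connects to matches the certificate, so the LDAP servers would be entered in Centreon by the name on the certificate rather than by IP address, unless the certificate lists the IP.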

We will create a template for the contacts that we import from LDAP; we need it, and it also lets us apply a global change to all of them. We go to “Configuration” > “Users” > “Contact Templates” > “Add”:

  • Alias / Login: Plantilla_Contacto_LDAP
  • Full Name: Plantilla_Contacto_LDAP

We create the connection from Centreon to LDAP under “Administration” > “Parameters” > “LDAP” > “Add…” and fill in the following:

  • Configuration name: Conexión a Directorio Activo
  • Description: Conector LDAPS para autenticar usuarios de AD.
  • Enable LDAP authentication: Yes
  • Store LDAP password: No
  • Auto import users: No
  • LDAP search size limit: 60
  • LDAP search timeout: 60
  • Contact template: Plantilla_Contacto_LDAP
  • Default contactgroup: Guests (RO) or Supervisors (Admins)
  • Use service DNS: No
  • Enable LDAP synchronization on login: Yes
  • LDAP synchronization interval: 1 (hour)
  • LDAP servers:
    • DIRECCION_IP_DC_1 636tcp SSL TLS
    • DIRECCION_IP_DC_2 636tcp SSL TLS
  • Bind user: us*****@do*****.local
  • Bind password: PASSWORD
  • Protocol version: 3
  • Template: Active Directory
  • Search user base DN: OU=XXX, OU=XXX, DC=XXX, DC=XXX
  • [Search group base DN]: OU=XXX, OU=XXX, DC=XXX, DC=XXX

To add specific Active Directory users to Centreon, we go to “Configuration” > “Users” > “Contacts / Users” > “LDAP Import”.

There we will see the newly created LDAP connector; click on "Search" to list the user objects in Active Directory. Select the user or users you are interested in and click on "Import".

With this we will already have the AD users we are interested in inside Centreon. What do we have left? Well, assigning the permissions they need, right? We leave that for another post!

Author

nheobug@bujarra.com
Author of the blog Bujarra.com. Whatever you need, do not hesitate to contact me; I will try to help you whenever I can. Sharing is living ;) . Enjoy the documents!!!