I have a cacti and a freeipa server running fine. i want a user of cacti that is created from freeipa. i'm having a real pain. how to do it ? any step by step procedure or link can help
Asked
Active
Viewed 508 times
2 Answers
0
The recommended approach is to use web server modules (for Apache, mod_auth_kerb, mod_lookup_identity, etc) to perform authentication
and authorisation, and populate the request environment with information
about an authenticated user. If you are using nginx there are some equivalent modules, but they are less mature.
See http://www.freeipa.org/page/Web_App_Authentication for more details and links to other helpful resources.
frasertweedale
- 5,424
- 3
- 26
- 38
0
First make a template user in cacti(and it must be enabled/able to login) with the desired permissions for viewing graphs etc.
In the Authentication tab of Cacti select "LDAP Authentication" (local users will still work, if you have duplicates you can change them to the "LDAP realm" later under user management to force password sync.)
Leave the "Guest user" as no-user.
For the "user template" item choose the template user you previously created.
Enter your server name/ip, ports and select version 3 for LDAP protocol and TLS for encryption. Choose "disabled" for Referrals.
Under mode choose "No Searching" You can use other methods but this is the easiest.
You should be able to leave everything else at the default or empty, the chosen mode just logs in to LDAP as the user trying to sign into Cacti. If they exist and are valid it just works.
