hey, to make it working with AD ldap we need to change this files
--- fuel-plugin-lma-infrastructure-alerting/deployment_scripts/puppet/modules/nagios/templates/apache_vhost_ubuntu.conf.erb 2016-11-22 13:03:40.000000000 +0300 +++ /Users/packet/Desktop/screens/plugins/lma_infrastructure_alerting-1.0/deployment_scripts/puppet/modules/nagios/templates/apache_vhost_ubuntu.conf.erb 2016-11-17 12:26:53.000000000 +0300 @@ -54,7 +54,8 @@ LDAPVerifyServerCert off AuthBasicAuthoritative on <RequireAny> require user <%= @user %> - Require ldap-group <%= @ldap_admin_group_dn %> + Require ldap-attribute memberOf="<%= @ldap_admin_group_dn %>" + Require ldap-group "<%= @ldap_admin_group_dn %>" </RequireAny> <% else -%> require valid-user
diff -ruNp modules/lma_logging_analytics/templates/apache_kibana_proxy.conf.erb /Users/packet/Desktop/screens/plugins/elasticsearch_kibana-1.0/deployment_scripts/puppet/modules/lma_logging_analytics/templates/apache_kibana_proxy.conf.erb --- modules/lma_logging_analytics/templates/apache_kibana_proxy.conf.erb 2016-11-22 13:06:40.000000000 +0300 +++ /Users/packet/Desktop/screens/plugins/elasticsearch_kibana-1.0/deployment_scripts/puppet/modules/lma_logging_analytics/templates/apache_kibana_proxy.conf.erb 2016-11-17 12:28:50.000000000 +0300 @@ -30,7 +30,8 @@ LDAPVerifyServerCert off AuthBasicAuthoritative on <RequireAny> require user <%= @username %> - Require ldap-group <%= @ldap_admin_group_dn %> + Require ldap-group "<%= @ldap_admin_group_dn %>" + Require ldap-attribute memberOf="<%= @ldap_admin_group_dn %>" </RequireAny> <% else -%> require valid-user diff -ruNp modules/lma_logging_analytics/templates/apache_kibana_proxy_viewer.conf.erb /Users/packet/Desktop/screens/plugins/elasticsearch_kibana-1.0/deployment_scripts/puppet/modules/lma_logging_analytics/templates/apache_kibana_proxy_viewer.conf.erb --- modules/lma_logging_analytics/templates/apache_kibana_proxy_viewer.conf.erb 2016-11-22 13:06:40.000000000 +0300 +++ /Users/packet/Desktop/screens/plugins/elasticsearch_kibana-1.0/deployment_scripts/puppet/modules/lma_logging_analytics/templates/apache_kibana_proxy_viewer.conf.erb 2016-11-17 12:28:27.000000000 +0300 @@ -26,8 +26,10 @@ AuthBasicAuthoritative on <RequireAny> require user <%= @username %> - Require ldap-group <%= @ldap_viewer_group_dn %> - Require ldap-group <%= @ldap_admin_group_dn %> + Require ldap-attribute memberOf="<%= @ldap_viewer_group_dn %>" + Require ldap-attribute memberOf="<%= @ldap_admin_group_dn %>" + Require ldap-group "<%= @ldap_viewer_group_dn %>" + Require ldap-group "<%= @ldap_admin_group_dn %>" </RequireAny> <% else -%> require valid-user
But i think we should give user to possibility to modify this whole file in web UI, because user should have possibility to modify all parameters all AD can have different settings and can require different parameters
hey,
to make it working with AD ldap we need to change this files
--- fuel-plugin- lma-infrastruct ure-alerting/ deployment_ scripts/ puppet/ modules/ nagios/ templates/ apache_ vhost_ubuntu. conf.erb 2016-11-22 13:03:40.000000000 +0300 packet/ Desktop/ screens/ plugins/ lma_infrastruct ure_alerting- 1.0/deployment_ scripts/ puppet/ modules/ nagios/ templates/ apache_ vhost_ubuntu. conf.erb 2016-11-17 12:26:53.000000000 +0300 rCert off uthoritative on group_dn %> group_dn %>" group_dn %>"
+++ /Users/
@@ -54,7 +54,8 @@ LDAPVerifyServe
AuthBasicA
<RequireAny>
require user <%= @user %>
- Require ldap-group <%= @ldap_admin_
+ Require ldap-attribute memberOf="<%= @ldap_admin_
+ Require ldap-group "<%= @ldap_admin_
</RequireAny>
<% else -%>
require valid-user
diff -ruNp modules/ lma_logging_ analytics/ templates/ apache_ kibana_ proxy.conf. erb /Users/ packet/ Desktop/ screens/ plugins/ elasticsearch_ kibana- 1.0/deployment_ scripts/ puppet/ modules/ lma_logging_ analytics/ templates/ apache_ kibana_ proxy.conf. erb lma_logging_ analytics/ templates/ apache_ kibana_ proxy.conf. erb 2016-11-22 13:06:40.000000000 +0300 packet/ Desktop/ screens/ plugins/ elasticsearch_ kibana- 1.0/deployment_ scripts/ puppet/ modules/ lma_logging_ analytics/ templates/ apache_ kibana_ proxy.conf. erb 2016-11-17 12:28:50.000000000 +0300 rCert off uthoritative on group_dn %> group_dn %>" group_dn %>" lma_logging_ analytics/ templates/ apache_ kibana_ proxy_viewer. conf.erb /Users/ packet/ Desktop/ screens/ plugins/ elasticsearch_ kibana- 1.0/deployment_ scripts/ puppet/ modules/ lma_logging_ analytics/ templates/ apache_ kibana_ proxy_viewer. conf.erb lma_logging_ analytics/ templates/ apache_ kibana_ proxy_viewer. conf.erb 2016-11-22 13:06:40.000000000 +0300 packet/ Desktop/ screens/ plugins/ elasticsearch_ kibana- 1.0/deployment_ scripts/ puppet/ modules/ lma_logging_ analytics/ templates/ apache_ kibana_ proxy_viewer. conf.erb 2016-11-17 12:28:27.000000000 +0300 uthoritative on group_dn %> group_dn %> group_dn %>" group_dn %>" group_dn %>" group_dn %>"
--- modules/
+++ /Users/
@@ -30,7 +30,8 @@ LDAPVerifyServe
AuthBasicA
<RequireAny>
require user <%= @username %>
- Require ldap-group <%= @ldap_admin_
+ Require ldap-group "<%= @ldap_admin_
+ Require ldap-attribute memberOf="<%= @ldap_admin_
</RequireAny>
<% else -%>
require valid-user
diff -ruNp modules/
--- modules/
+++ /Users/
@@ -26,8 +26,10 @@
AuthBasicA
<RequireAny>
require user <%= @username %>
- Require ldap-group <%= @ldap_viewer_
- Require ldap-group <%= @ldap_admin_
+ Require ldap-attribute memberOf="<%= @ldap_viewer_
+ Require ldap-attribute memberOf="<%= @ldap_admin_
+ Require ldap-group "<%= @ldap_viewer_
+ Require ldap-group "<%= @ldap_admin_
</RequireAny>
<% else -%>
require valid-user
But i think we should give user to possibility to modify this whole file in web UI, because user should have possibility to modify all parameters all AD can have different settings and can require different parameters