LDAPS Authentication in Nagios

These steps were performed running Nagios 4.3.1 on Fedora 25.

Install the LDAP module for Apache:

 

Edit /usr/local/nagios/etc/cgi.cfg to allow any user. You can enter a comma separated list of user names here instead of * but this becomes quite cumbersome to manage. The * says that anyone that passes the authentication requirements of the Apache auth modules will have full access like nagiosadmin.

 

Edit /etc/httpd/conf.d/nagios.conf to authenticate against an LDAPS server. Below is an example using my config file. If you don’t need secure communications replace LDAPS with LDAP. I’ve also allowed local file based authentication for the default nagiosadmin user in case the LDAP server goes down. It’s listed as the first Require directive for this reason.

 

Restart Nagios and Apache: