for the unified management of internal system accounts, want to let Zabbix use LDAP authentication method. The original Zabbix has been integrated with the SSO system. When you want to better manage Zabbix permissions, you want to integrate directly with LDAP, anyway, the SSO account information is also obtained from LDAP.
Company LDAP uses exchange for Windows. You first need to create an account within the AD domain.
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/54/47/wKioL1R-ZKuAwKgRAAHcjq_1Prc042.jpg "title=" 1.png " alt= "Wkiol1r-zkuawkgraahcjq_1prc042.jpg"/>
The three accounts, Admin, Ldapuser and Zabbix, are the three accounts created for Zabbix.
Next, you can set the authentication mode on the Zabbix
1. Before configuring, you need to install the PHP-LDAP module first, otherwise you will not find the module and other errors.
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/54/47/wKioL1R-ZebSsqQ2AAB23OyH62Y059.jpg "title=" 2.png " alt= "Wkiol1r-zebssqq2aab23oyh62y059.jpg"/>
2. Next configure LDAP authentication for Zabbix
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/47/wKioL1R-ZkvDwX-8AALpxce8pi8850.jpg "title=" 3.png " alt= "Wkiol1r-zkvdwx-8aalpxce8pi8850.jpg"/> LDAP Host: The address of the access DC. Format: LDAP://IP Address
Port number: Default 389
dn:dc=david,dc=com, aka Domain name (david.com)
Search property: sAMAccountName, must be the value of this property.
Binding Dn:cn=ldapuser, Ou=business_accounts, Dc=david, dc=com. The CN is the Ldapuser user created in the DC, the OU is Ldapuser belongs to which Ou,dc=david and dc=com is not explained.
Bind password: xxxx, change password for ldapuser user's password
Log in: Admin
User password: Create password for admin user in DC
Make sure to fill out nothing for the title, click "Test". If you have not reported anything wrong, you can click "Update". Now the LDAP authentication method of Zabbix has been configured to complete.
Next, verify that:
1. Create an account first:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/47/wKioL1R-aA2hGWtjAAPXf09qIOQ002.jpg "title=" 4.png " alt= "Wkiol1r-aa2hgwtjaapxf09qioq002.jpg"/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/54/47/wKioL1R-aHrzBxScAAHYHX8mXb0668.jpg "title=" 5.png " alt= "wkiol1r-ahrzbxscaahyhx8mxb0668.jpg"/> User: Enter an account that already exists in the DC.
Password: The authentication is now shown through LDAP.
2. Next, create the David user in the DC:
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/54/49/wKiom1R-aMDxdetsAAEp4JvD4zA214.jpg "title=" 6.png " alt= "Wkiom1r-amdxdetsaaep4jvd4za214.jpg"/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/54/47/wKioL1R-aXuwN9E6AAEgTSP_vVI397.jpg "title=" 7.png " alt= "Wkiol1r-axuwn9e6aaegtsp_vvi397.jpg"/>
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/54/49/wKiom1R-aSKxr7_wAAEIZowrV5o408.jpg "title=" 8.png " alt= "Wkiom1r-askxr7_waaeizowrv5o408.jpg"/>
You can now log in to Zabbix with your David account
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/49/wKiom1R-aXSxbSFBAACREgoTxAg246.jpg "title=" 9.png " alt= "Wkiom1r-axsxbsfbaacregotxag246.jpg"/> Through the bottom, you can see that David users have successfully logged in.
This article is from the "David" blog, so be sure to keep this source http://davidbj.blog.51cto.com/4159484/1585787
Zabbix Using LDAP authentication