Integrating Cacti Authentication With LDAP/Active Directory (AD)

1. Overview


Mostly people use LDAP or Active Directory as a central place for user authentication and identity management software.  Many services normally are integrated with LDAP or Active Directory such email and computer login. If the service is not integrate with LDAP or Active Directory, users may end up with having many accounts and passwords for their daily work. LDAP or Active Directory have account and password policy which it could enhance security in the internal company. Cacti has its own built-in user authentication mechanism, but it also can be integrated with LDAP or an Active Directory domain for user authentication.

In this instruction will show how to integrated Cacti authentication with Active Directory (AD).

2. Prerequisites


In this article, it is supposed that:

a. You have an Active Directory server in place up and running.
b. You have already installed Cacti server. Please refer to this link. Installing Cacti Web-based Network Monitoring on RHEL/CentOS 7

3. Cacti Active Directory Authentication Setting


Login to your Cacti server with admin privilege user account. Then, navigate to “Console” and click on “Setting”. On Cacti setting windows, click on “Authentication” tab.  In the General setting section, from the Authentication Method drop-down list select “LDAP Authentication”.

On the Special Users section, we have to select a local user of Cacti to be the template for Active Directory user. So, all the successful Active Director user login to Cacti will gain setting and privilege exactly the same as this user. In our case now just select “guest” from the drop-down list.

In the LDAP General Settings section, we have to input some information as the following. Enter the IP address or FQDN of Active Directory server in the Server box. Just leave the default setting for ports. Select “None” for Encryption and on Mode option select “No Searching”.

Finally, click “Save” button to save the setting we made.

When we try to access Cacti web interface, we will see the login option as in the following picture. We can select to login with LDAP/Active Directory user account or with a local user account.

After there are some successfully login, we can see those user User Management setting by going to Console and click on “Users”.

On the “Realm” column, we can see that Active Directory user is created automatically in Cacti database.

7. Conclusion


That’s all about how to integrate your Cacti server to authentication with LDAP/Active Directory (AD) from Tech Space KH. Hopefully, you can find this guide informative. If you have any questions or suggestions you can always leave your comments below. I will try all of my best to review and reply them.