I have Nagios installed with proper configuration files. I have created some contact groups and assign them to hosts.
For web UI I'm using Check_MK, which is a great Nagios plugin. And here's the question:
Check_MK supports showing hosts/services based on contactgroup membership. But I can't transfer my Nagios contactgroups into Check_MK. (Result should be that if person XYZ is logged in, he see only hosts and services assigned to him.)
My users are in LDAP (I'm using Check_MK login form, not apache authorization).
I can't find any information about this in documentation so if someone have experiences, pls tell me how it works :) I'll appreciate that :)
Related
I recently made the jump to hosting on GCP and haven't been able to get my homepage to work. My website is made using Ruby on Rails, I've added the cname to the dns field in Google domains, and made the pages I need publicly visible in GCP, but I don't get anything. This is my first time using GCP I got it to work with AWS, but my mailing service didn't work as well with it. Any chance someone could offer some advice or insight?
From your description, I gather you have your domain parked in Google Domain. Where are your A, NS, SOA records? You need to have these configured correctly for your site to work.
For your email to work, you need to ensure your MX records are pointed to your mail server correctly.
Have you configured your DNS Zone in Google Cloud console? Check A, NS records for website to work.
Where is your MX record configured? (For emails to work)
Have you configured these?
Google Cloud Console > Networking > Network Services > Cloud DNS
Where is your mail hosted?
This elaborate Google Docs might help.
Ideally all ISPs provide elaborate and detail docs on configuring MX records.
More info from your end would definitely help us point you in the right direction.
I install thingsboard on windows10 I used this site"https://thingsboard.io/docs/user-guide/install/windows/"to install.
I want do this project "https://www.hackster.io/thingsboard/temperature-dashboard-using-arduino-uno-esp8266-and-mqtt-5e26eb"
after install complete when login http://localhost:8080 with
login: sysadmin#thingsboard.org password: sysadmin i want add devise but there is not “Devices” section.
I had the same problems. It appears the getting started tutorial misses a few steps.
First try creating a new Tenant, then create a new user. You should then see the missing sections appear!
In order to have a device you must have a tenant to link it to. I'm learning as you are.
(If you attempt the OPC Connection) When you have gotten past this point yet you will also see that there are certificate errors if you will try to connect to the KepServerEX demo as mentioned in the getting started tutorial. I changed the time on my computer, since the certificate is expired as of this month, a date that has already passed (I don't recall exactly when).
Once you get past that small hurdle you will find another problem with the demo configuration, as explained here: https://github.com/thingsboard/thingsboard-gateway/issues/30
All dashboards and customers in Thingsboard are tied to a Tenant. Thingsboard support multiple Tenants. When you are logged in as system administrator, Thingsboard can't know which of the tenants to show, so no dashboards or customers are shown.
The system administrator account is for system administration tasks, not for dashboard or customer tasks. If you want to manage dashboards or customers, login as the Tenant or Customer you want to manage.
You should try with different user:
username: tenant#thingsboard.org
password: tenant
pretty much mentioned in the doc!!!
I am learning Jenkins and i am using version 1.605. I am learning about setting security options in jenkins. I found below options in jenkins configure global security page under the security realms:-
Delegate to servlet container
Jenkins'own user database
LDAP
I want to understand in which scenario, which option should be used?Please help me understand.
The "servlet container" refers to the web server that you are using to host Jenkins, typically Tomcat. The configuration file $CATALINA_BASE/conf/tomcat-users.xml may already be set up and managed by your organization. In this case: "why reinvent the wheel?". Use this if your organization already has a process that manages the Tomcat users configuration. This is also probably the most archaic solution.
The "own user database" is just what it sound like. Instead of relying on something else, Jenkins keeps it's own database of users. You can create and delete users through the Jenkins UI. You can even let new users sign up right from UI. If you don't know what to use, use this one. It's simple and self-contained.
The "LDAP" provides integration with LDAP/ Windows Active Directory. If you are in a corporate/small business environment that already utilizes LDAP for maintaining users and groups, it will be very beneficial to hook into that and off-load user management to the IT team that manages LDAP/AD. Note that unless you are that IT admin, you will need to contact the said admins for connection information/credentials to the LDAP/AD
Slav did a very clear answer.
If you choose the option 2 or 3, you can use the Role Stragegy plugin to create application roles and assign roles to Jenkins users, LDAP users or LDAP static/virtual groups.
If you have a lot of users, this plugin can save your life to assign permissions :)
I am after a better solution for security in Jenkins. After my play around this space, my current solution is to implement the 'Project-based Matrix Authorization Strategy'. I was previously considering running Jenkins behind Apache and control security through Apache. But during my trial with matrix based security, I was able to assign full access to logged in users and block anonymous users from seeing anything on the dashboard except login-page.
Before I proceed with my beta servers, I would like to seek experts advice to understand what I am doing is correct ?or there is a better way to do this. At the moment I have around 30 users created in my system.
If matrix based solution is the best and easiest, I would like to know,
1) Is it possible to group users and assign access based on groups ? So that I don't have to give users on individual basis
2) I also saw a post about 'Role strategy plug-in', but I couldn't see that in my Jenkins. Not sure if this plug-in out of date and/or nomore supported
Thanks in advance.
I'm using the Role Strategy plugin with a LDPA directory and it works well.
You just have to install this plugin on your Jenkins server and to switch from "Matrix-based security" to "Role-Based Strategy".
Next, you will be able to define roles:
And assign them to users (or LDAP groups, if you have a LDAP directory):
I have a site based on asp.net mvc on windows hosting. Now I need one more site based on php linux. I authonticate a user on windows site and let him upload some information. Now I want this information to go to linux based site. This information could be audio/video or images.
How would i make sure that he can only load to linux server when he is logged into windows based site.
So basically I am thinking before the linux based save something, it should verify that the user is logged into the windows site. What about the logout process.
Help will be appreciated.
Regards
Parminder
If these two services use the same domain, your windows site can save some value in the cookie, and the linux site will identify whether user is authenticated base on these values. However it will only work if the two services are under same domain name (can be different port).
If not, I think Single-Sign On is advisable for security reasons, and OpenID or OAuth is recommended.