This commit is contained in:
root@zabbix.znil.net 2020-04-14 17:39:35 +02:00
parent 7da98727d6
commit 41b5d241eb

View File

@ -20,9 +20,11 @@ This is a pure bash-script for syncing a Actice-Directory Group via LDAP with a
- Create a special User for the LDAP Access. User need no special rights but should be Domain-User
- Avoid special chars in username and password like `äöü!?>$%` and spaces
- After creating get the ***distinguished name*** of this user. You can query the name on a doamin controller with
`dsquery user -samid <username>`
`dsquery user -samid <username>`
Output should something like
`CN=ldapSearch,OU=MyUsers,DC=exampledomain,DC=local`
`CN=ldapSearch,OU=MyUsers,DC=exampledomain,DC=local`
where ***ldapSearch*** is the example-user
Create one or more Active Directory Groups and add Members. Empty Groups are allowed (then all members in Zabbix will be removed from Group and disabled).
@ -36,11 +38,14 @@ In the examples i am using the groupname `Zabbix-Super-Admin`
### 2. Install Prerequisites on Linux
Yes, i am using pure bash to avoid any prerequisites but we need a program for accessing LDAP and some other tools. All of them should be available in the standard repositories:
**Debian/Ubuntu**
`apt install ldap-utils`
`apt install ldap-utils`
**Red Hat/CentOs/SuSe**
`yum install openldap-clients`
`yum install openldap-clients`
The other needed programs are
`curl sed dirname readlink`
`curl sed dirname readlink`
which should be already installed
### 3. Create Zabbix-User for API Access