This ZenPack is developed and supported by Zenoss Inc. Commercial ZenPacks are available to Zenoss commercial customers only. Contact Zenoss to request more information regarding this or any other ZenPacks. Click here to view all available Zenoss Commercial ZenPacks.
This ZenPack is included with commercial versions of Zenoss and enterprise support for this ZenPack is provided to Zenoss customers with an active subscription.
The ZenPacks.zenoss.LDAPAuthenticator ZenPack enables pass-through authentication to external LDAP-based servers such as Microsoft Active Directory or OpenLDAP.
This capability allows users to sign on to the Zenoss platform user interface with the same credentials they use to log in to their workstations. This saves you from having to manually create user accounts and maintain passwords in Zenoss platform.
Among the benefits of using a service like LDAP to maintain user accounts and privileges are:
Authentication logging is stored in the $ZENHOME/log/event.log file.
Before configuring LDAP authentication, you should gather the following information from your LDAP or Active Directory administrator:
You can configure LDAP authentication at initial setup, or from the Settings area of the interface:
The first panel (Add LDAP Servers) of the LDAP Configuration wizard appears.
LDAP Configuration Wizard (Add LDAP Servers)
You can verify that your credential information is valid from the Zenoss platform server by using the ldapsearch command. To install this command, use the following for RPM-based systems:
# yum -y install openldap-clients
as the zenoss user on the Zenoss platform server:
ldapsearch -LLL -x -b 'BaseDN' -D 'Bind DN' -W -H ldap://LDAP_server-name \
You can use local authentication as a fallback in the event that the LDAP server is unreachable. The local authentication plugin is called userManager.