[Check_mk (english)] LDAP & group filter

My Check_MK set up is using LDAP as authentication method.

I have configured the following settings:

Users
- User Base DN: cn=users,cn=accounts,dc=stack,dc=company,dc=com
- Search filter: (!(uid=admin))
- User-ID attribute: uid

Groups
- Group Base DN: cn=groups,cn=accounts,dc=stack,dc=company,dc=com
- Search filter: (objectclass=groupOfNames)

The LDAP directory contains 15 users. Using the configuration above,
Check_MK detects all 15 users. So for, no problem.

On the LDAP directory I have a group, which is called monitoring. In the
monitoring group, I have 5 members.

I want to limit access to Check_MK only for the members in the monitoring
group. The rest of the users in the LDAP directory should not have access
to Check_MK. Only users which are member of the monitoring group should be
able to access Check_MK.

I tried different filters, different searches, unfortunately without luck.

Anyone?

Thanks!

Hi Sinan,

we have the same requirement and with such a filter, it works (with
Microsoft Active Directory)

User Base
DN OU=Users,OU=Accounts,DC=<Domain>,DC=yyyy,DC=xxx

Search Filter
(&(objectclass=user)(objectcategory=person)(|
(memberOf=CN=A-CMK-User,OU=Role,OU=Groups,DC=<Domain>,DC=yyyy,DC=xxx)(memberOf=CN=A-CMK-Admin,OU=Role,OU=Groups,DC=<Domain>,DC=yyyy,DC=xxx)(memberOf=CN=A-CMK-Wato,OU=Role,OU=Groups,DC=<Domain>,DC=yyyy,DC=xxx)(memberOf=CN=A-CMK-Guest,OU=Role,OU=Groups,DC=<Domain>,DC=yyyy,DC=xxx)))

Only Members of the 4 Groups will be imported

Jacques