Help with user permissions

skagnola · May 26, 2020, 4:48pm

Hi

I am working with a new install of Check_mk and need assistance providing the proper permissions to user to only see certain hosts.

Check_mk Users Configuration

Current User Configuration: LDAP > Attribute Sync Plugins - Roles - Normal monitoring user

LDAP discovered ‘testuser’ user is assigned to Contact Group: ‘testgrp’

The hosts that are preferred to be the only ones visible by the ‘testuser’ have
Contact Groups: ‘testgrp’
Permissions: ‘testgrp’

Preference is that only hosts assigned the ‘testgrp’ contact group would be visible. However, when the ‘testuser’ logs in, he is able to see all the hosts not just the ones in the ‘testgrp’.

Is there another section that has to be configured to only allow a user visibility of certain hosts?

Kruzgoth · May 27, 2020, 12:30pm

Hi skagnola and welcome.

Did you changed your “Global Settings” -> “Monitoring Core” -> “Authorization settings” to
“Host-/Servicegroups: Strict”?
You need this option to bind the visibility of a host to it’s contact group.

Sincerely Kruzgoth

skagnola · May 27, 2020, 2:29pm

Hello, Kruzgoth!

Thanks for the response.

I am on check_mk raw 1.6.0p7, currently. In my WATO Config I have the following

Global Settings -> Site Management -> Monitoring Core -> this provides

Current Setting
Factory Setting
Current State

I tried using the ‘search’ in Global Settings for ‘authorization’, ‘host’, ‘groups’ but I’m not able to find the section for Strict authorization.

Again, I appreciate the help!

system · June 27, 2020, 12:29am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.