I have configured checkmk with distributed monitoring. Some of these distributed sites use a different ldap server for user and auth. these sites also are configured for configuration replication and to sync with a ldap connection available to it locally. this ldap connection is not available to the master site.
Is this configuration viable or does the master have to connect via the remote the ldap connection
any help gratefully accepted.
chris.
You can sync your remote sites with different LDAP connections. See here: User management with LDAP/Active Directory
Thanks. That is what I believe and was relying on however, I can not logon to the remote site using any of the users that the ldap connection I have defined for the remote site.
I have verified the ldap connection details I used using the ldapsearch command on the remote server which connects successfully and returns the users who are a a member of the groups defined in the group filters and the base search dn.
Where do I look on the remote site logs to see what is happening with the ldap user sync ?
Just had a look at the file cat etc/check_mk/multisite.d/wato/user_connections.mk
on the remote site and I can see it does not have the ldap configuration there for the connection I had assigned. It is actually empty.
Issue resolved. It turns out I had a not updated the sites Customer so it did not get the ldap connection. I had recreated the customer with a slightly different name and so it did not appear incorrect when I was checking it.