I’ve got some security issues with Nagios.I'm using Fully Automated Nagios 2.0 and only Nagios in it, not Centreon. I’ve got an Active Directory in my network and I want to implement it in Nagios. I’ve successfully integrated them, but I want to define more precise access list.
In my AD, I’ve got 2 OU, one for the System department and one for the Network department. I want to allow the System’s staff only to see the information about equipments belonging to them, and same thing for the Network’s staff.
The System ‘staff has 3 HP servers and the Network 3 Cisco switches and 1 Cisco router. When a System’s administrator logs in Nagios, I want him to only access details about his server and not the switches and the router, and same thing with the Network members.
I know it’s possible to prevent users to modify and access information about host and systems in the file cgi.cfg, based on contacts, but it’s for all equipments. In my case, I want to explicitly tell which host is viewable by a group.
Can anyone tell me, if it’s possible with only the components in FAN and that case how ?