I would like to restrict access for some users in Nagios Web to view just hosts and servers that are members of some hosts groups and services groups, e.g:
These users could be able to view informations of hosts;
These users could be able to view informations of services associated of hosts;
These users could be able to schedule a downtime of associated hosts.
Now that you have a Nagios “superuser” that has rights to view all host and services, you may also want to have users with restricted viewing rights for others persons. To do so for local user/password authentication, create Apache users whose names match Nagios contact names. To do so with ldap authentication, just choose your Nagios contact names to match your ldap usernames. When Nagios web interface users match Nagios contact names, the Nagios web interface user may only view those hosts and services for which his user is listed as a contact.[/quote]
It doesn’t give you option 3, but with some added contact entries, 1 and 2 are certainly doable.
As far as i know (tried on older versions and i never heard of changes) a user enabled for viewing has total control of the command part of nagios, including scheduling downtimes, disabling checks and so on.