• Contact Us
  • Home
  • Reference

Using OpenLDAP with Zabbix

Discover how to integrate OpenLDAP with Zabbix to effectively manage user authentication and access control in your monitoring system. Explore step-by-step instructions and best practices for implementing this integration.

Written by Marty Heyman

Updated at July 2nd, 2025

  • Quick Start
  • Installation
    Best Practices Configuration Troubleshooting Design Performance Platform
  • Maintenance
    Releases Upgrade
  • Reference
+ More

Table of Contents

Configure LDAP Settings Enable LDAP authentication LDAP host Port Base dn Search attribute Case-sensitive login Bind dn Bind password Test authentication Enable LDAP in Zabbix Web

Zabbix is a powerful, open-source monitoring solution designed to monitor the performance and availability of various IT components, including networks, servers, virtual machines, and cloud services. It collects and displays metrics, allowing for real-time analysis and alerting based on predefined events. 

This example is for the Zabbix Web interface version 6.0, which is the supported LTS version as of August 2023. Later versions have additional options.

For the associated 6.0 documentation click here and for the current manual click here.

Note that an LDAP user must exist in Zabbix Web as well, however its Zabbix password will not be used. When creating the user in Zabbix, the user should also be added to your desired Zabbix roles/groups.

Configure LDAP Settings

  1. Log in to the web interface as an admin
  2. Navigate to Administration > Authentication > LDAP Settings

Enable LDAP authentication

Checked

LDAP host

URI of your OpenLDAP host. Example: ldap://ldap.example.com:389 or ldaps://ldap.example.com:636 for TLS.

Port

Not used when using a full LDAP URI as above, but feel free to put 389 or 636 for TLS.

Base dn

Your OpenLDAP_LDAP_BASE. Example: dc=example,dc=com

Search attribute

uid

Case-sensitive login

Checked

Bind dn

uid=admin,ou=people,dc=example,dc=com

Alternately, it is recommended that you create a separate user account (e.g, bind_user) instead of admin for sharing bind credentials with other services. The bind_user should be a member of the ldap_strict_readonly group to limit access to your LDAP configuration in OpenLDAP.

Bind password

Password for the above bind dn user.

Test authentication

The test authentication login and user password must be used to check the connection and whether an LDAP user can be successfully authenticated. Zabbix will not activate LDAP authentication if it is unable to authenticate the test user.

Enable LDAP in Zabbix Web

  1. Navigate to Administration > Authentication > Authentication (the first tab)
  2. Set “Default authentication” to “LDAP”
  3. Click “Update”
Copyright © 2020-2024 Symas Corporation. All rights reserved.
zabbix monitoring ldap integration

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • Using OpenLDAP with ejabberd
  • Symas Blog RSS Feed
  • Symas on Facebook
  • Symas on Twitter
  • Symas Blog
  • Symas on LinkedIn
  • Symas YouTube Channel

Copyright © 2023, Symas Corporation. All rights reserved. Privacy Statement (updated July 31, 2023)

Phone:

Main Office: +1.650.963.7601
Fax: +1.650.390.6284

Email:

Sales: sales@symas.com
Support: support@symas.com

Office Hours:

8:00 AM - 5:00 PM ET

Office Location:

Symas Corporation
PO Box 391
Grand Junction, CO 81507 USA

Expand