New Question
 
 
PRTG Network Monitor

Intuitive to Use.
Easy to manage.

200.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free PRTG
Download >>

 

What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

 

Top Tags


View all Tags


Is there any possibility to use Active Directory users in the PRTG user management for login?

Votes:

0

Your Vote:

Up

Down

In my case it would simplify user management a lot if I could link the PRTG users to AD users.

administration prtg user

Created on Mar 3, 2010 12:59:35 PM by  Dirk Schmit (0) 1



8 Replies

Accepted Answer

Votes:

2

Your Vote:

Up

Down

As of PRTG version 9, supports AD integration.

Please see PRTG Manual: Active Directory Integration

Created on Aug 15, 2011 11:27:43 AM by  Torsten Lindner [Paessler Support]

Last change on Jan 14, 2014 4:17:09 PM by  Gerald Schoch [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Hi there,

How do we manage the integration? is it with LDAP authentication? The creation of users must follow any specific rule? I just can't find any detailed info in User's Manual / Forum.

Thank You,

Created on Dec 16, 2011 4:07:44 PM by  daluderi (0)



Votes:

0

Your Vote:

Up

Down

Created on Dec 16, 2011 4:17:48 PM by  Torsten Lindner [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Hi there,

I've seen the document.

To authenticate in AD i can use different protocols: NTLM, NTLMv2, Kerberos, LDAP... Do you support all of them? I cannot get this answer in the link or in the User's Manual.

Thank you for your support,

Created on Dec 16, 2011 4:50:51 PM by  daluderi (0)



Votes:

0

Your Vote:

Up

Down

Kerberos & NTLM is a protocol-layer to which PRTG has no access using the ADSI (Active Directory Services Interface). However there are different providers which can be supported, the two main ones being LDAP & WinNT, of which WinNT is supported by PRTG.

Created on Dec 19, 2011 12:57:34 PM by  Torsten Lindner [Paessler Support]



Votes:

0

Your Vote:

Up

Down

AD integration appears to be pretty broken, per the following limitation: "If you want to reflect changes to your AD in PRTG, you have to delete the AD user group and all members first. Then add the AD group anew. This is because PRTG does not synchronize with your AD automatically." https://www.paessler.com/manuals/prtg/active_directory_integration

Correct propagation of AD group membership changes for existing users and groups does not happen. Not immediately, not on the "hourly sync schedule" (what does that even do?), and not even once daily. Since AD users are not re-created until they log in to the PRTG GUI (and they won't receive group-based notifications until they do), this presents a problem when you need to change AD group membership since all the users will potentially miss many notifications.

Paessler development has replied that they do not consider fixing this a priority. "I hope you understand that we are not able to allocate development power into the enhancement of the AD integration within PRTG, since the big majority of our users simply is satisfied with the way it is working right now." The only way users could be satisfied with the way AD integration currently works is by only using it for AD password authentication, avoiding finer-grained group-based security, and basing notifications on mail distribution lists. These imply lowered security and higher (redundant) administrative overhead.

Created on Jul 7, 2016 6:04:57 PM by  ppanon (0)



Votes:

0

Your Vote:

Up

Down

I ran into this today. Not syncing AD changes makes no logical sense.

Created on Aug 14, 2017 7:57:41 PM by  Andrew Zbikowski (0)



Votes:

0

Your Vote:

Up

Down

Andrew, thank you for the KB-Post. May I ask which exact issue you ran into? If a user is deleted in the Active Directory, the user shouldn't be able to login to PRTG either, because logins are checked against the Active Directory (only within one hour it's cached for performance reasons).

Created on Aug 15, 2017 7:50:41 AM by  Torsten Lindner [Paessler Support]



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.