From d3b43d608a2fd668d938f66516b436d3013bc96c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9lix=20Bouynot?= <felixbouynot@gmail.com>
Date: Sat, 16 Jul 2022 05:14:26 +0200
Subject: [PATCH] Add SELinux configuration for LDAP/AD authentication on
 Centos8 in the documentation (#14094)

---
 doc/Extensions/Authentication.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/doc/Extensions/Authentication.md b/doc/Extensions/Authentication.md
index 3ffb915c58..ae64699287 100644
--- a/doc/Extensions/Authentication.md
+++ b/doc/Extensions/Authentication.md
@@ -160,6 +160,13 @@ This yields `(&(objectclass=user)(sAMAccountName=$username))` for the
 user filter and `(&(objectclass=group)(sAMAccountName=$group))` for
 the group filter.
 
+### SELinux configuration
+
+On RHEL / CentOS / Fedora, in order for LibreNMS to reach Active Directory, you need to allow LDAP requests in SELinux:
+```
+setsebool -P httpd_can_connect_ldap 1
+```
+
 ## LDAP Authentication
 
 Config option: `ldap`
@@ -250,6 +257,13 @@ $config['auth_ldap_groups'] = [
 ];
 ```
 
+### SELinux configuration
+
+On RHEL / CentOS / Fedora, in order for LibreNMS to reach LDAP, you need to allow LDAP requests in SELinux:
+```
+setsebool -P httpd_can_connect_ldap 1
+```
+
 ## Radius Authentication
 
 Please note that a mysql user is created for each user the logs in