Integrate LDAP/Active Directory authentication

Cacti not only has its own built-in user authentication mechanism, but can also be configured to use one or more LDAP or even Active Directory servers for authentication. As the authorization (access rights and permissions) are not stored on the external server, the user has still to be created within Cacti. So, how does Cacti know if a user is going to authenticate against the external server or is using the built-in method? Cacti uses the concept of an Authentication Realm for this. An Authentication Realm is basically the authentication method an end user uses to log on to Cacti. A user can only belong to one realm. When using LDAP Authentication, local users can still log on by choosing the Local Realm from the login dialog:

The Web-Basic authentication does not allow this, as it always expects to get a user ID from the browser and displays an error message if it does not get a user ID.