https://community.splunk.com/t5/Security/Splunk-LDAP-password-update/m-p/446859#M10472 <P>were you using search query in splunk?<BR /> or<BR /> were you connecting splunk using the service account? </P> Fri, 08 Jun 2018 14:03:59 GMT logloganathan 2018-06-08T14:03:59Z https://community.splunk.com/t5/Security/Splunk-LDAP-password-update/m-p/446858#M10471 <P>Hi,</P> <P>We have updated the password for the service account which we use for LDAP authentication. I have updated the new bindDnpassword in authentication file but when I restarted the splunk service the old password has been restored. After I spent some time I have understood that the splunk.secrete file restoring the old password.</P> <P>I have followed the below steps and still the issue not fixed</P> <P>1) Ran powershell command<BR /> Get-ChildItem -Recurse *.conf | Select-String -Pattern '\$1\$.' -List</P> <P>etc\apps\Splunk_TA_windows\default\transforms.conf:807:FORMAT = abc<BR /> etc\system\local\authentication.conf:10:bindDNpassword = xyz<BR /> etc\system\local\server.conf:2:sslKeysfilePassword = 123</P> <P>1) Updated the binddnpassword in authentication </P> <P>bindDNpassword = xyzi bindDNpassword = newpassword</P> <P>2) Restarted the splunk service - this time the old value not been restored in authentication file. I can see the value for binddnpassword has been encrypted in authentication file</P> <P>Still the users unable to access splunk.</P> Tue, 29 Sep 2020 19:54:51 GMT https://community.splunk.com/t5/Security/Splunk-LDAP-password-update/m-p/446858#M10471 ganga201 2020-09-29T19:54:51Z https://community.splunk.com/t5/Security/Splunk-LDAP-password-update/m-p/446859#M10472 <P>were you using search query in splunk?<BR /> or<BR /> were you connecting splunk using the service account? </P> Fri, 08 Jun 2018 14:03:59 GMT https://community.splunk.com/t5/Security/Splunk-LDAP-password-update/m-p/446859#M10472 logloganathan 2018-06-08T14:03:59Z