topic LDAP Search don't work in Security https://community.splunk.com/t5/Security/LDAP-Search-don-t-work/m-p/66671#M2191 <P>Hi,</P> <P>Recently I configured splunk authentication and I mapped groups of our LDAP to use SPLUNK, but i tried to log-in through one LDAP user unsuccesfully.</P> <P>This is the message that I can view in S.o.S for splunk when i attemp to log-in:</P> <P>ERROR AuthenticationManagerLDAP - Couldn't find matching groups for user="xxxx". Search filter="(memberuid=uid=xxxx,ou=xxxx,dc=xxxx,dc=local)" strategy="FOO"</P> <P>It seems that includes memberuid without sense for me. How could I configure correctly my ldap auth to achieve some ldap search similar to this one?</P> <P>uid=xxxx,ou=xxxx,dc=xxxx,dc=local</P> Wed, 18 Sep 2013 15:31:47 GMT ifarre 2013-09-18T15:31:47Z LDAP Search don't work https://community.splunk.com/t5/Security/LDAP-Search-don-t-work/m-p/66671#M2191 <P>Hi,</P> <P>Recently I configured splunk authentication and I mapped groups of our LDAP to use SPLUNK, but i tried to log-in through one LDAP user unsuccesfully.</P> <P>This is the message that I can view in S.o.S for splunk when i attemp to log-in:</P> <P>ERROR AuthenticationManagerLDAP - Couldn't find matching groups for user="xxxx". Search filter="(memberuid=uid=xxxx,ou=xxxx,dc=xxxx,dc=local)" strategy="FOO"</P> <P>It seems that includes memberuid without sense for me. How could I configure correctly my ldap auth to achieve some ldap search similar to this one?</P> <P>uid=xxxx,ou=xxxx,dc=xxxx,dc=local</P> Wed, 18 Sep 2013 15:31:47 GMT https://community.splunk.com/t5/Security/LDAP-Search-don-t-work/m-p/66671#M2191 ifarre 2013-09-18T15:31:47Z Re: LDAP Search don't work https://community.splunk.com/t5/Security/LDAP-Search-don-t-work/m-p/66672#M2192 <P>Not sure how your AD is defined, however here is an example with a virtual AD for testing <BR /> Here is a sample LDAP search query </P> <P>ldapsearch -h "YOURHOSTNAME" or "Ipaddress" -p "your LDAP port" -b "CN=Splunk Users,OU=Security Groups - SPLUNK,DC=YOURS,DC=IT,DC=Splunk,DC=edu" -x -D "Splunk service account" -W "groupNameAttribute" </P> <P>My AD has a "OU" or group called "Security Groups-Splunk" Under that Group, <BR /> I created a "CN" or group called Splunk Users, you can place your potential users in that group. <BR /> The display or real user name is "Splunk Service account" -You will need to specify credentials when you test with LDAP search. So ensure you have the correct password. Otherwise your account maybe locked out based upon your inherent Security Group policies. <BR /> You can also substitute "realNameAttribute" "displayname" "member" "userNameAttribute"" after -W for further testing</P> <P>Sample (Domain Component) or your Domain name = yours.IT.Splunk.edu</P> <P>You can verify your ad configuration using another LDAP Windows GUI browser. I used Active Directory Explorer<BR /> Once it works go to Map groups to verify users from Splunk web interface </P> <P>"<A href="http://YourSplunkServer.yours.IT.Splunk.edu8000/en-US/manager/yours/authentication/providers/LDAP">http://YourSplunkServer.yours.IT.Splunk.edu8000/en-US/manager/yours/authentication/providers/LDAP</A>"</P> <P>HTHs</P> Mon, 30 Nov 2015 22:05:52 GMT https://community.splunk.com/t5/Security/LDAP-Search-don-t-work/m-p/66672#M2192 Voltaire 2015-11-30T22:05:52Z