https://community.splunk.com/t5/Getting-Data-In/Error-when-configuring-LDAP-authentication-over-SSL-to-Active/m-p/95278#M19856 <P>I have installed Splunk on a Windows 2012 server. I am able to configure unsecured LDAP to a Windows domain controller, but as soon as I enable LDAP over SSL and change the port, I receive the error in Splunk Web:</P> <P><STRONG>Encountered the following error while trying to update: In handler 'LDAP-auth': strategy="MyLDAPStrategy" Error binding to LDAP. reason="Can't contact LDAP server"</STRONG></P> <P>Additionally, in SPLUNKD.log I see the following limited info:</P> <P><STRONG>07-15-2013 11:02:33.221 -0500 ERROR ScopedLDAPConnection - strategy="MyLDAPStrategy" Error binding to LDAP. reason="Can't contact LDAP server"</STRONG></P> <P><STRONG>07-15-2013 11:02:33.221 -0500 ERROR AdminHandler:AuthenticationHandler - strategy="MyLDAPStrategy" Error binding to LDAP. reason="Can't contact LDAP server"</STRONG></P> <P>I have reviewed the instructions listed <A href="http://docs.splunk.com/Documentation/Splunk/latest/Security/ConfigureLDAPwithSplunkWeb">here</A>, including placing the root CA cert of the LDAP server certificate in <STRONG>$SPLUNK_HOME/etc/openldap/certs/</STRONG> and then modifying the <STRONG>ldap.conf</STRONG> file accordingly. I have confirmed basic connectivity on the LDAPS port (636) of the domain controller using telnet client from the Splunk server.</P> <P>Could anyone provide some additional insight or ideas into what I might be missing? Help will be greatly appreciated.</P> Mon, 15 Jul 2013 18:07:49 GMT castellowc 2013-07-15T18:07:49Z https://community.splunk.com/t5/Getting-Data-In/Error-when-configuring-LDAP-authentication-over-SSL-to-Active/m-p/95278#M19856 <P>I have installed Splunk on a Windows 2012 server. I am able to configure unsecured LDAP to a Windows domain controller, but as soon as I enable LDAP over SSL and change the port, I receive the error in Splunk Web:</P> <P><STRONG>Encountered the following error while trying to update: In handler 'LDAP-auth': strategy="MyLDAPStrategy" Error binding to LDAP. reason="Can't contact LDAP server"</STRONG></P> <P>Additionally, in SPLUNKD.log I see the following limited info:</P> <P><STRONG>07-15-2013 11:02:33.221 -0500 ERROR ScopedLDAPConnection - strategy="MyLDAPStrategy" Error binding to LDAP. reason="Can't contact LDAP server"</STRONG></P> <P><STRONG>07-15-2013 11:02:33.221 -0500 ERROR AdminHandler:AuthenticationHandler - strategy="MyLDAPStrategy" Error binding to LDAP. reason="Can't contact LDAP server"</STRONG></P> <P>I have reviewed the instructions listed <A href="http://docs.splunk.com/Documentation/Splunk/latest/Security/ConfigureLDAPwithSplunkWeb">here</A>, including placing the root CA cert of the LDAP server certificate in <STRONG>$SPLUNK_HOME/etc/openldap/certs/</STRONG> and then modifying the <STRONG>ldap.conf</STRONG> file accordingly. I have confirmed basic connectivity on the LDAPS port (636) of the domain controller using telnet client from the Splunk server.</P> <P>Could anyone provide some additional insight or ideas into what I might be missing? Help will be greatly appreciated.</P> Mon, 15 Jul 2013 18:07:49 GMT https://community.splunk.com/t5/Getting-Data-In/Error-when-configuring-LDAP-authentication-over-SSL-to-Active/m-p/95278#M19856 castellowc 2013-07-15T18:07:49Z https://community.splunk.com/t5/Getting-Data-In/Error-when-configuring-LDAP-authentication-over-SSL-to-Active/m-p/95279#M19857 <P>I have the same issue, installing SPLUNK 5.0.4 on a Windows 2k8 R2 server. authenticating to a Windows 2008 native domain.<BR /> Testing LDAP using LDAP Search v4.5 (from SecurityXploded)I can make a secure connection to the ldap server and return a list of users, however with exactly the same BIND account and base DN strings in Splunk I am getting "Error binding to LDAP. reason="Can't contact LDAP server"</P> Mon, 19 Aug 2013 22:35:20 GMT https://community.splunk.com/t5/Getting-Data-In/Error-when-configuring-LDAP-authentication-over-SSL-to-Active/m-p/95279#M19857 JohnHowellANZ 2013-08-19T22:35:20Z https://community.splunk.com/t5/Getting-Data-In/Error-when-configuring-LDAP-authentication-over-SSL-to-Active/m-p/95280#M19858 <P>We're seeing the exact same issue - can bind just fine without SSL on 389 but as soon as we force the use of SSL on our domain controllers by setting the "Domain Controller: LDAP server signing requirements" entry to "Require signing" it throws the error you got. We're tried both 636 and 3269 for the port with no luck. </P> <P>Our environment consists of a Windows Server 2008 R2 DC and a Splunk 6.0.1 install. </P> Thu, 30 Jan 2014 02:07:31 GMT https://community.splunk.com/t5/Getting-Data-In/Error-when-configuring-LDAP-authentication-over-SSL-to-Active/m-p/95280#M19858 spsponger2 2014-01-30T02:07:31Z