<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Splunk Support for Active Directory: How to use GSS-API authentication rather than Simple-Auth in Getting Data In</title>
    <link>https://community.splunk.com/t5/Getting-Data-In/Splunk-Support-for-Active-Directory-How-to-use-GSS-API/m-p/430492#M75345</link>
    <description>&lt;P&gt;Splunk Version: 6.6.11&lt;BR /&gt;
SA-ldapsearch App Version: 2.1.6 Build: 738 &lt;/P&gt;

&lt;P&gt;Hello,&lt;/P&gt;

&lt;P&gt;we have multiply domains in the forest and were able to connect to most domains using LDAP on 636 (TLS) using a Bind in DN-Format.&lt;BR /&gt;
But with two domains we are not using Simple-Auth via TLS Port 636 but rather GSS-API without TLS on Port 389 (GSS will add an secure layer).&lt;/P&gt;

&lt;P&gt;It seems the addon does not support this authentication at all because we always get the error message&lt;/P&gt;

&lt;P&gt;"External search command 'ldaptestconnection' returned error code 1. Script output = "error_message= # host: XXXX.DC: Could not access the directory service at ldap://XXXX.DC:389: Invalid credentials for the user with binddn="&lt;A href="mailto:User@Domain.de"&gt;User@Domain.de&lt;/A&gt;". Please correct and test your SA-ldapsearch credentials in the context of domain="XXXX.DC" ""&lt;/P&gt;

&lt;P&gt;But the credentials are definately correct and I am able to connect with various tools like LDP.exe or LDAPAdmin with the same settings without any problems.&lt;/P&gt;

&lt;P&gt;How to make SA-ldapsearch use GSS-API with Port 389 on a DC using UPN-Username "&lt;A href="mailto:User@otherdomain.de"&gt;User@otherdomain.de&lt;/A&gt;"  with and without SASL ?&lt;/P&gt;</description>
    <pubDate>Wed, 07 Aug 2019 14:31:58 GMT</pubDate>
    <dc:creator>bahndg</dc:creator>
    <dc:date>2019-08-07T14:31:58Z</dc:date>
    <item>
      <title>Splunk Support for Active Directory: How to use GSS-API authentication rather than Simple-Auth</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/Splunk-Support-for-Active-Directory-How-to-use-GSS-API/m-p/430492#M75345</link>
      <description>&lt;P&gt;Splunk Version: 6.6.11&lt;BR /&gt;
SA-ldapsearch App Version: 2.1.6 Build: 738 &lt;/P&gt;

&lt;P&gt;Hello,&lt;/P&gt;

&lt;P&gt;we have multiply domains in the forest and were able to connect to most domains using LDAP on 636 (TLS) using a Bind in DN-Format.&lt;BR /&gt;
But with two domains we are not using Simple-Auth via TLS Port 636 but rather GSS-API without TLS on Port 389 (GSS will add an secure layer).&lt;/P&gt;

&lt;P&gt;It seems the addon does not support this authentication at all because we always get the error message&lt;/P&gt;

&lt;P&gt;"External search command 'ldaptestconnection' returned error code 1. Script output = "error_message= # host: XXXX.DC: Could not access the directory service at ldap://XXXX.DC:389: Invalid credentials for the user with binddn="&lt;A href="mailto:User@Domain.de"&gt;User@Domain.de&lt;/A&gt;". Please correct and test your SA-ldapsearch credentials in the context of domain="XXXX.DC" ""&lt;/P&gt;

&lt;P&gt;But the credentials are definately correct and I am able to connect with various tools like LDP.exe or LDAPAdmin with the same settings without any problems.&lt;/P&gt;

&lt;P&gt;How to make SA-ldapsearch use GSS-API with Port 389 on a DC using UPN-Username "&lt;A href="mailto:User@otherdomain.de"&gt;User@otherdomain.de&lt;/A&gt;"  with and without SASL ?&lt;/P&gt;</description>
      <pubDate>Wed, 07 Aug 2019 14:31:58 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/Splunk-Support-for-Active-Directory-How-to-use-GSS-API/m-p/430492#M75345</guid>
      <dc:creator>bahndg</dc:creator>
      <dc:date>2019-08-07T14:31:58Z</dc:date>
    </item>
    <item>
      <title>Re: Splunk Support for Active Directory: How to use GSS-API authentication rather than Simple-Auth</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/Splunk-Support-for-Active-Directory-How-to-use-GSS-API/m-p/430493#M75346</link>
      <description>&lt;P&gt;Have same problem too.&lt;BR /&gt;
Have you found any solution or workaround?&lt;/P&gt;</description>
      <pubDate>Thu, 23 Jan 2020 08:08:46 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/Splunk-Support-for-Active-Directory-How-to-use-GSS-API/m-p/430493#M75346</guid>
      <dc:creator>mkalyakin</dc:creator>
      <dc:date>2020-01-23T08:08:46Z</dc:date>
    </item>
  </channel>
</rss>

