Hello,
I'm trying to make a search on an OpenLDAP server.
Basically, I have some web logs with some user login in it. I want to do a search on them and map the username to the Real name making a LDAP search to get them.
I installed the ADd-on for LDAP, configured ldap.conf, but when I do a search it returns the
error:"External search command 'ldap' returned error code 1. "
Where can I see what is wrong ? I have no logs about the error, nothing...
Thank you
Hi alexantao,
If you're using the latest version, which is 3.0, you can enable the debugging feature in the python script myldap.py
inside the $SPLUNK_HOME/etc/apps/TA-LDAP/bin
directory. The log will be inside $SPLUNK_HOME/var/log/splunk/
and is called myldap.py.log
cheers, MuS
Hi alexantao,
If you're using the latest version, which is 3.0, you can enable the debugging feature in the python script myldap.py
inside the $SPLUNK_HOME/etc/apps/TA-LDAP/bin
directory. The log will be inside $SPLUNK_HOME/var/log/splunk/
and is called myldap.py.log
cheers, MuS
Hi,
I was getting same error and enable debug as suggested, getting the below errors, could you please help in fixing?
2016-03-30 09:10:07,045 ERROR myldap:63 - ERROR: LDAP modul load failed with error /lib64/libc.so.6: version GLIBC_2.14' not found (required by /opt/splunk/etc/apps/TA-LDAP/bin/ldap/ldap/libssl.so.10)!
GLIBC_2.14' not found (required by /opt/splunk/etc/apps/TA-LDAP/bin/ldap/ldap/libssl.so.10)!
2016-03-30 09:11:10,123 ERROR myldap:63 - ERROR: LDAP modul load failed with error /lib64/libc.so.6: version
2016-03-30 09:11:14,583 ERROR myldap:63 - ERROR: LDAP modul load failed with error /lib64/libc.so.6: version `GLIBC_2.14' not found (required by /opt/splunk/etc/apps/TA-LDAP/bin/ldap/ldap/libssl.so.10)!
Thanks!
Hi kpavan,
The error is pretty clear and straight forward version GLIBC_2.14' not found
, read the this from the documentation of the the app:
cheers, MuS
Hi MuS,
I have updated glibc from 2.14 to 2.17, but now am getting the below error when am running the query |ldap basedn="o=splunk,c=ae" ldap_filter="(objectclass=person)"
and |ldap basedn="o=splunk,c=ae" ldap_filter="(objectclass=*)" both result error are same.
2016-04-04 13:44:24,836 ERROR myldap:357 - ERROR: {'desc': 'No such object'}
2016-04-04 13:46:18,242 ERROR myldap:357 - ERROR: {'desc': 'No such object'}
2016-04-04 13:47:41,862 ERROR myldap:357 - ERROR: {'desc': 'No such object'}
2016-04-04 13:49:34,170 ERROR myldap:357 - ERROR: {'desc': 'No such object'}
copied ldap.conf from default
[bund]
server = x500.bund.de
port = 389
binddn =
basedn = cn=Liegenschaften,o=Bund,c=DE
password = 0
ldap_filter = (objectclass=*)
usessl = 0
[default]
server = ldap.forumsys.com
port = 389
usessl = 0
binddn = cn=read-only-admin,dc=example,dc=com
basedn = dc=example,dc=com
password = cGFzc3dvcmQ=
ldap_filter = (objectclass=*)
[TESTSSO]
server =
port = 17890
usessl = 0
binddn = cn=splunkuser,o=splunk,c=ae
basedn = o=splunk,c=ae
password = xxxxxx
ldap_filter = (objectclass=person)
Not sure where is issue, could you please what should the correct config/command to for search
Your LDAP connection is working now.
You forgot the specify the server=TESTSSO
parameter.
If this is not set the command will use all the settings of the [default]
stanza.
cheers, MuS
Corrected configs, its working now!
Thank you!
You're welcome - feel free to up vote any useful answer and comment 😉
cheers, MuS
unfortunately this does not work for me either
ERROR: LDAP modul load failed with error libsasl2.so.2: cannot open shared object file: No such file or directory!
Hi there,
I'm currently working on a major new release of it, please hold and wait ...
cheers, MuS
PS: but looking at the error, it sound like the typical missing pre-requirements - from the documentation of the the app:
Thank you, now I know that this little Add-On needs GLIBC 2.14, but my system (CentOS 6.6) has only 2.12 and I cannot upgrade until I upgrade the OS.
Anyway, thanks !