I installed the V1.1.3 SA-LDAPSearch tool, configured and successfully connected to and can query my Oracle DSEE7 LDAP Instance. When upgrading to V2.0 now named "Splunk Supporting Add-on for Active Directory"....I now get "invalid" DN (err=34) whenever I try to connect. I have used a Services account, a user account and "Directory Manager". All successfully connected in V1.1.3 however NONE will connect in V2.0. All result in an "Invalid DN" error in my LDAP Access log.
My ldap.conf which works in V1.1.3
[dscc7]
server = dsee7.myorg.com
port = 389
ssl = false
basedn = DC=myorg, DC=com
binddn = uid=diradminapi,ou=services,dc=myorg, dc=com
password = {64}encyrptedpwd
my ldap.conf that does NOT work in V2.0
[dscc7]
server = dsee7.myorg.com
port = 389
ssl = 0
basedn = DC=myorg, DC=com
binddn = cn=admin, cn=administrators, cn=administrators, cn=dscc
LDAP Access Log when running the "TEST" COnnection:
[23/Oct/2014:19:07:46 +0000] conn=5133007 op=2 msgId=3 - BIND dn="cn=admin,cn=administrators,cn=dscc" method=128 version=3
[23/Oct/2014:19:07:46 +0000] conn=5133007 op=2 msgId=3 - RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=admin,cn=administrators,cn=dscc"
[23/Oct/2014:19:07:46 +0000] conn=5133007 op=3 msgId=4 - SRCH base="" scope=0 filter="(objectClass=*)" attrs="subschemaSubentry +"
[23/Oct/2014:19:07:46 +0000] conn=5133007 op=3 msgId=4 - RESULT err=0 tag=101 nentries=1 etime=0
[23/Oct/2014:19:07:46 +0000] conn=5133007 op=4 msgId=5 - RESULT err=34 tag=101 nentries=0 etime=0, Invalid DN
[23/Oct/2014:19:07:46 +0000] conn=5133007 op=5 msgId=0 - RESULT err=80 tag=120 nentries=0 etime=0
Any Ideas? What is V2.0 doing differently when connecting to the LDAP Repository?
Thanks.
Firstly off, let's get the obvious around - we don't support the Oracle LDAP server, so you are pretty much on your own here. That being said, I think you are suffering from what a lot of other suffer form - the base DN not being filled in on searches. Others have complained that they need to reference a basedn="something" when searching.
I don't know that this is your problem, but you can test it by specifying the basedn="something" in your search.
I'm looking at v2.0.1 to fix this problem. Until then, downgrade to v1.1.13.
Dear splunk,
Can you please update the ldap3 library used by this app as it will allow the proper basedn that was a bug in the previous version.
Recommend using this git repo as it is currently being maintained.
Firstly off, let's get the obvious around - we don't support the Oracle LDAP server, so you are pretty much on your own here. That being said, I think you are suffering from what a lot of other suffer form - the base DN not being filled in on searches. Others have complained that they need to reference a basedn="something" when searching.
I don't know that this is your problem, but you can test it by specifying the basedn="something" in your search.
I'm looking at v2.0.1 to fix this problem. Until then, downgrade to v1.1.13.
It is NOT Obvious. There is no docmetation save for the .conf 2014 presentation. Where it shows how to configure for LDAP.
Ok - change your binddn back to what it was in v1.1.3 - I'm not sure why you changed it then complained the new one didn't work.
Documentation is available on http://docs.splunk.com as always.
Wow....so this is MY fault now??? LOL.
And if you look at your docs....there is NOTHING for V2.0!!! only V2.01.
Hi, you can use the drop-down at the top right of the docs page to select different versions. Because 2.0.1 is the latest version, it's showing up by default. You can also replace "latest" in the URL with a version number if you know what you're after.
binddn = cn=admin, cn=administrators, cn=administrators, cn=dscc also works in V1.1.3 of SA-Ldapsearch