All Apps and Add-ons

How to fix problem with attribute errors due to split in ldapgroup.py

hettervi
Builder

Hi,

I'm using the ldapgroup command from SA-ldapsearch (Splunk Supporting Add-on for Active Directory). It allows me to get obtain nested users in AD groups. However, there is a problem with the command when running the command for certain groups in my AD. Although we can't "see it", there seem to be "list objects" in some of the AD groups and/or users, as opposed to "normal" string objects. we get the following error in Splunk when trying to use the ldapgroup command on these groups (cut away some not interesting lines).

AttributeError at ".../ldapgroup.py": 'list' object has no attribute 'split'
Traceback:
...
netbios_domain_name = entry_attributes.get('msDS-principalName', ' ').split('\\',1)[0]

Does anyone have a solution to this problem other than manually going through AD and changing all the list objects? That would also mean we would need a way to actually identify these objects. In addition, is there any arguments for not using list objects in AD? If not, then the ldapgroup script should have supported list objects as well, and I can file this as a bug/improvement.

0 Karma

semonbright
New Member

The AttributeError is an exception thrown when an object does not have the attribute you tried to access. The 'list' object has no attribute 'split' error is that you're trying to call python split function on the whole list of lines, and you can't split a list of strings, only a string. So, you need to split each line, not the whole thing.

 

0 Karma

koshyk
Super Champion

which SA-ldapsearch version you using? I thought this was fixed in the latest versions

0 Karma

hettervi
Builder

Hi. I'm using version 2.2.0. As far as I can tell this is the latest version.

0 Karma

robert_miller
Path Finder

Did you ever figure this out?

0 Karma
Take the 2021 Splunk Career Survey

Help us learn about how Splunk has
impacted your career by taking the 2021 Splunk Career Survey.

Earn $50 in Amazon cash!