All Apps and Add-ons

LDAP connection invalid

bruce845
Explorer

Hi.

When I try to use this add-on, on a specific case, it shows me this error on splunklib.log:

2018-08-14 16:54:01,748, Level=ERROR, Pid=64693, Logger=splunklib, File=search_command.py, Line=971, LDAPError at "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 106 : LDAP connection invalid
Traceback:
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/splunklib/searchcommands/search_command.py", line 771, in _process_protocol_v2
self._execute(ifile, None)
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/splunklib/searchcommands/generating_command.py", line 196, in _execute
self._record_writer.write_records(self.generate())
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/splunklib/searchcommands/internals.py", line 519, in write_records
for record in records:
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldapquery.py", line 93, in generate
result_type, result_data = l.result(result_id, 0)
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 503, in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 507, in result2
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout)
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 514, in result3
resp_ctrl_classes=resp_ctrl_classes
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 521, in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 106, in _ldap_call
result = func(args,*kwargs)

The add-on can connect to my OpenLDAP (I captured the packets with tcpdump and I see on Wireshark the connection works).

Someone can help me with this issue? I'm using SO Red Hat Enterprise Linux Server release 7.4 (Maipo).

0 Karma

adrianblakey
New Member

I have the same issue - please can you explain how to fix it?

I have a test python program with the same parameters that works fine.

My (redacted) command line is:

| ldapquery uri="ldap://ldapserver.foo" basedn="Dc=ds,dc=ent" scope="subtree" binddn="CN=ENT_SVC_GITSPLUNK,OU=ServiceAccounts,OU=Users,OU=Enterprise,DC=ds,DC=ent" bindpassword="pwd" ldapfilter="(&(objectClass=user)(sAMAccountName=uid))" attributelist="company manager"

LDAPError at "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 106 : LDAP connection invalid

Splunk ent 6.5.2 RHEL 7.5

0 Karma

naveydt
New Member

I also get the same error

0 Karma

doksu
SplunkTrust
SplunkTrust

Hi @bruce845, I'm the author of the app but not yet quite sure what the cause of that error might be. It's a bit difficult without more information. Can you query your directory successfully with other parameters via the app? If so, there might be something problematic about that specific query; would be it possible to share a redacted version? I'm 'trustedsubject' on the Splunk Community Slack if you'd like to message me privately. Alternatively, you can click the 'Contact Developer' in Splunkbase to e-mail me (and PGP encrypt if necessary).

0 Karma

bruce845
Explorer

Hi doksu.

Connecting anonymously on my LDAP server, your add-on works with no errors. I need to put my password on base64?

Regards,
Bruce Campos

0 Karma

doksu
SplunkTrust
SplunkTrust

Hi Bruce,

Thanks very much for the extra info. The password doesn't need to be in base64. I'm currently trying to replicate the error at my end so I can figure out the cause and fix it.

Cheers,
Doug

0 Karma
Get Updates on the Splunk Community!

This Week's Community Digest - Splunk Community Happenings [9.26.22]

Get the latest news and updates from the Splunk Community here! Upcoming User Group Events! 👏 Check ...

BSides Splunk 2022 - The Call for Papers is now Open!

TLDR; Main Site: https://bsidessplunk.com CFP Site: https://bsidessplunk.com/cfp CFP Opens: December 15th, ...

Sending Metrics to Splunk Enterprise With the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. The OpenTelemetry project is the second largest ...