LDAP connection invalid

bruce845 · ‎08-14-2018

Hi.

When I try to use this add-on, on a specific case, it shows me this error on splunklib.log:

2018-08-14 16:54:01,748, Level=ERROR, Pid=64693, Logger=splunklib, File=search_command.py, Line=971, LDAPError at "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 106 : LDAP connection invalid
Traceback:
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/splunklib/searchcommands/search_command.py", line 771, in _process_protocol_v2
self._execute(ifile, None)
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/splunklib/searchcommands/generating_command.py", line 196, in _execute
self._record_writer.write_records(self.generate())
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/splunklib/searchcommands/internals.py", line 519, in write_records
for record in records:
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldapquery.py", line 93, in generate
result_type, result_data = l.result(result_id, 0)
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 503, in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 507, in result2
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout)
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 514, in result3
resp_ctrl_classes=resp_ctrl_classes
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 521, in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
File "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 106, in _ldap_call
result = func(args,*kwargs)

The add-on can connect to my OpenLDAP (I captured the packets with tcpdump and I see on Wireshark the connection works).

Someone can help me with this issue? I'm using SO Red Hat Enterprise Linux Server release 7.4 (Maipo).

adrianblakey · ‎11-20-2018

I have the same issue - please can you explain how to fix it?

I have a test python program with the same parameters that works fine.

My (redacted) command line is:

| ldapquery uri="ldap://ldapserver.foo" basedn="Dc=ds,dc=ent" scope="subtree" binddn="CN=ENT_SVC_GITSPLUNK,OU=ServiceAccounts,OU=Users,OU=Enterprise,DC=ds,DC=ent" bindpassword="pwd" ldapfilter="(&(objectClass=user)(sAMAccountName=uid))" attributelist="company manager"

LDAPError at "/opt/splunk/etc/apps/TA-pyLDAP/bin/ldap/ldapobject.py", line 106 : LDAP connection invalid

Splunk ent 6.5.2 RHEL 7.5

naveydt · ‎11-29-2018

I also get the same error

doksu · ‎08-15-2018

Hi @bruce845, I'm the author of the app but not yet quite sure what the cause of that error might be. It's a bit difficult without more information. Can you query your directory successfully with other parameters via the app? If so, there might be something problematic about that specific query; would be it possible to share a redacted version? I'm 'trustedsubject' on the Splunk Community Slack if you'd like to message me privately. Alternatively, you can click the 'Contact Developer' in Splunkbase to e-mail me (and PGP encrypt if necessary).

bruce845 · ‎08-16-2018

Hi doksu.

Connecting anonymously on my LDAP server, your add-on works with no errors. I need to put my password on base64?

Regards,
Bruce Campos

doksu · ‎09-02-2018

Hi Bruce,

Thanks very much for the extra info. The password doesn't need to be in base64. I'm currently trying to replicate the error at my end so I can figure out the cause and fix it.

Cheers,
Doug

LDAP connection invalid

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!