server = host1;host2;host3

raziasaduddin · ‎11-21-2013

I downloaded the SA LDAP Search and noticed that the password for the account that I use to search my domains is stored in base64. Are there any plans to make it more secure like the authentication.conf LDAP strategies? We were able to get the designers of the Cisco IPS app to pass the authentication through the app instead of storing passowrds in conf files.

[spl.com]

server = host1;host2;host3

port = 636

ssl = true

basedn = DC=spl,DC=com

binddn = cn=Splunk Searcher,OU=Managed Service Accounts,DC=spl,DC=com

password = {64}fohhiuehgihgri

alternatedomain = SPL

jcoates_splunk · ‎03-28-2015

Hi, we switched to Splunk's internal password storage mechanism in 2014 (version 2.0).

Jason · ‎12-18-2013

There are definitely more secure ways of storing passwords, which they should be using. in the meantime, here's how to "securely" (at least on your own box, not through some internet service) base64 your password:

$ ./bin/splunk cmd python
>>> import base64
>>> base64.b64encode('enterMyPWhere')
'base64encpwhere=='

Don't forget to leave off the quotes when pasting back in to the conf file!

raziasaduddin · ‎11-21-2013

Also, If I enter a password in as base 64, it does not work, but if I do it in plaintext, it does. Thanks for the assistance!

SA LDAP Search password in base 64

server = host1;host2;host3

port = 636

ssl = true

basedn = DC=spl,DC=com

binddn = cn=Splunk Searcher,OU=Managed Service Accounts,DC=spl,DC=com

password = {64}fohhiuehgihgri

alternatedomain = SPL

Tips & Tricks When Using Ingest Actions

Announcing Our Splunk MVPs

Dashboard Studio Challenge - Learn New Tricks, Showcase Your Skills, and Win Prizes!