Splunk Add-on for Active Directory 2.2.0 Returns No Results and Error "

trav271
Explorer

I'm trying to set up the add-on currently on a HF and for what should be a simple setup, this is a massive pain.

The HF is set up to forward the data on to the indexer as a receiver. And the app is installed with no permission issues. Here's the syntax of what I put into the UI to set this up:

Domain Name: domain.net
Alternate Domain Name: DOMAIN

Base DN: DC=domain,DC=net

Hostname: ex-dc-host-domain.net
Port: 636
SSL: Enabled

Bind DN: CN=splunk,OU=SomeTypeOfAccount,OU=DomainInternal,DC=domain,DC=net
Password: provided_password

When I go to test the connection all I see is:

Result
No results found.

Error
"

Has anyone seen this and know what that rather unhelpful error message means? I've looked around but can't find anyone else with this issue and there is a LOT of conflicting documentation on this app out there due to deprecation and all kinds of nonsense. I used the following link to set this up:

https://docs.splunk.com/Documentation/SA-LdapSearch/2.2.0/User/DeploytheSplunkSupportingAdd-onforAct...

The app is installed on the HF and the Indexers, it's a clustered indexer env, no SHC. Any help is massively appreciated.

0 Karma
1 Solution

trav271
Explorer

Ended up solving this myself. My solution is to tell people not to use the GUI for this as it does a very poor job of returning the actual error for you to begin tracking the issue down. What's best is to just use the config files, then test in the search bar yourself but ENABLE DEBUGGING in the search bar. The errors that are returned are far more useful. In the end after making my changes I'd then go to my HF and run

| ldaptestconnection domain=domain.net debug=true

The results this returned allowed me to very quickly diagnose a DNS issue and fix it within minutes. It would be nice if the devs would make the test-connection actually return the error results and also run in debug since that is likely what you want to see when testing. shrug

0 Karma
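
The DNS fault found in the accepted answer can also be isolated from outside Splunk, on the HF itself. The following is an added example, not part of the original post or of the add-on; `check_ldaps` is a hypothetical helper name. It checks the configured LDAPS endpoint in stages (name resolution, TCP connect, TLS handshake with certificate verification) and reports the first stage that fails.

```python
import socket
import ssl


def check_ldaps(host, port=636, timeout=5.0, cafile=None):
    """Return (stage, detail). stage is 'dns', 'tcp' or 'tls' for the
    first check that fails, or 'ok' when all three pass."""
    # Stage 1: name resolution. A malformed name raises UnicodeError,
    # an unknown or unreachable name raises socket.gaierror.
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except (socket.gaierror, UnicodeError) as exc:
        return "dns", f"cannot resolve {host!r}: {exc}"
    addrs = list(dict.fromkeys(info[4][0] for info in infos))  # dedupe, keep order

    # Stage 2: TCP connect to each resolved address until one answers.
    sock, last_err = None, None
    for addr in addrs:
        try:
            sock = socket.create_connection((addr, port), timeout=timeout)
            break
        except OSError as exc:
            last_err = f"{addr}:{port} {exc}"
    if sock is None:
        return "tcp", f"resolved to {addrs} but connect failed: {last_err}"

    # Stage 3: TLS handshake. The default context verifies the chain and
    # that the certificate matches the hostname that was configured.
    # cafile is an optional PEM bundle for an internal CA (assumption).
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return "ok", f"{tls.version()} to {addr}, certificate matches {host!r}"
    except (ssl.SSLError, OSError) as exc:
        sock.close()
        return "tls", f"handshake with {addr} failed: {exc}"


if __name__ == "__main__":
    # Hostname and port as entered in the question's add-on settings.
    print(check_ldaps("ex-dc-host-domain.net", 636))
```

A `dns` or `tcp` result points at the network path from the HF; a `tls` result points at the certificate or CA trust rather than the bind credentials.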
