All Apps and Add-ons

Splunk DB Connect 2.4 refuses to Validate and Save a database connection, presenting "Identity field missing error". Is this a bug?

michaelba
Explorer

Splunk Community,

Before we raise a support ticket, can someone else confirm this bug in Splunk DB Connect 2.4? If there's a more appropriate place to file this, please let me know and I'll resubmit.

Expected Behavior: Splunk DB Connect should validate the connection with the domain account used by splunkd service. The UI smart enough to know the Identity field is not needed for this type of database connection.

Actual Behavior: Splunk DB Connect refuses to Validate and Save the connection and presents error: "Identity field missing". Moreover, even if we manually edit the db_connections.conf file to not specify any Identity, Splunk DB Connect refuses to use this connection.

Bug: Splunk DB Connect 2.4 validation logic needs to be enhanced to make the Identity field optional for this type of Database Connection ("MS-SQL Server Using MS Generic Driver With Windows Authentication").

alt text

Repo Steps:
1. Click (+) button to add a new Connection.
2. Enter hostname 'foo.com'
3. Select the Database Type to be 'MS-SQL Server Using MS Generic Driver With Windows Authentication'.
4. Observe the Identity field is now disabled and does not have any value selected.
5. Click Validate.
6. Observe error message: "Identity field is missing."

Requested Fix: When selecting Database Types like 'MS-SQL Server Using MS Generic Driver With Windows Authentication', which do NOT require an explicitly passed user credential, allow the Identity field to be optional.

Temporary Workaround:
Add a sentinel 'fake' identity with bogus username and password data.
When creating a new connection, first select the fake identity, then select the database connection type.
The selected identity is ignored when the connection is validated.

0 Karma
1 Solution

michaelba
Explorer

I downvoted this post because no.

when you select a connection-type of "ms-sql server using ms generic driver with windows authentication", the identity field is completely ignored during validation. i create a 'fakeuser' identity just to trick the ui to proceed with validation. my connection was validated using the security context of the service account used by splunkd.

fyi - splunk support has already acknowledged this is a bug.

View solution in original post

0 Karma

michaelba
Explorer

I downvoted this post because no.

when you select a connection-type of "ms-sql server using ms generic driver with windows authentication", the identity field is completely ignored during validation. i create a 'fakeuser' identity just to trick the ui to proceed with validation. my connection was validated using the security context of the service account used by splunkd.

fyi - splunk support has already acknowledged this is a bug.

0 Karma

jplumsdaine22
Influencer

Great - do you mind accepting your own answer so the question is marked as complete?

Cheers

0 Karma

jplumsdaine22
Influencer

I imagine this is a feature rather than a bug.

The service account running splunkd may not be a valid domain account for the connection target. For example, it may be in a non federated domain, splunkd may not be running as a domain account, dbconnect may be running on linux and not even be domain joined, etc. I would think it is reasonable that an identity field needs to be selected.

I do see your point, that you don't want to have to enter service account credentials twice, but I don't think there is any bug here.

You can raise feature enhancement requests through the support portal on splunk.com.

0 Karma
Get Updates on the Splunk Community!

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

Register Join this Tech Talk to learn how unique features like Service Centric Views, Tag Spotlight, and ...