I have the Splunk Support for Active Directory version 2.1.3 and there are 100 scheduled searches that run once in a quarter and make use of the ldapfetch command. Why am I getting this error?:
2016-05-03 09:55:47,380, Level=ERROR, Pid=59212, File=search_command.py, Line=282, Abnormal exit: SASLprep error: inappropriate for plain text character present
This log entry is picked up from SA-ldapsearch.log.
The result of this error is that the scheduled search is terminated without any output events.
Looks like the username or password you're using for your LDAP binding contains an invalid/unsupported character.
https://www.ietf.org/rfc/rfc4013.txt
AFAIK, c6 is the latin character Æ, but i'm not certain on this... just what i found googling latin ascii table c6:
http://www.tutorialspoint.com/html/ascii_table_lookup.htm
Check your ldap bind username/password for any funny characters. Retype them for good measure.
To figure this out i opened search_command.py, went to line 282 which is where I found it was just an error_exit function. So then i look at sasl part of the error, opened sasl.py, found line 91 to be the exact error you had... and then I read the rfc on stringprep which is being used at that point.
Looks like the username or password you're using for your LDAP binding contains an invalid/unsupported character.
https://www.ietf.org/rfc/rfc4013.txt
AFAIK, c6 is the latin character Æ, but i'm not certain on this... just what i found googling latin ascii table c6:
http://www.tutorialspoint.com/html/ascii_table_lookup.htm
Check your ldap bind username/password for any funny characters. Retype them for good measure.
To figure this out i opened search_command.py, went to line 282 which is where I found it was just an error_exit function. So then i look at sasl part of the error, opened sasl.py, found line 91 to be the exact error you had... and then I read the rfc on stringprep which is being used at that point.
Further searching reveals all the c4 xx hex characters found in this UTF-8 reference here:
http://www.utf8-chartable.de/unicode-utf8-table.pl?number=512
Some look just like normal letters... like j G A, etc. but they are "high level" characters that arent found on a normal keyboard and are incompatible with LDAP as per RFCs. You'll find some of the exact same letters higher/sooner in the UTF chart, those are the "low level" ASCII characters you should be using.
Just retype your user/pass using an ANSI keyboard.
https://deskthority.net/wiki/ANSI_vs_ISO
I retyped my password and the error went away.
Thanks for your tip.
The pleasure is all mine! Thanks for marking as the answer.
Does anyone else face the same issue? Will someone care to answer my question?
It says inappropriate plain text character present... I assume this means some high level ascii character is somewhere but it's expecting plain text at that point. I'll check the Python code later and let you know what it could be.