All Apps and Add-ons

User permissions:Why are ldapfilter, ldapgroups, ldapfetch not working with non-default stanza?

schose
Builder

Hi forum,

I'm trying to setup sa-ldapsearch for multiple clients. The whole idea is that a client is not allowed to use lookups of another client while using the same searchhead. I tried to copy SA-ldapsearch and rename the app in app.conf to give application level permissions. Every ldap app has its own ldap.conf, which look like this..

[bwtest.loc]
alternatedomain = BWTEST
basedn = DC=bwtest,DC=loc
binddn = svc-splunk@bwtest.loc
port = 389
server = 192.168.208.10
ssl = 0

command ldapsearch is working fine, but ldapfilter, ldapgroup and ldapfetch is not:

2018-09-11 15:42:57,500, Level=ERROR, Pid=19384, File=configuration.py, Line=407, Missing required value for alternatedomain in ldap/BWTEST.
2018-09-11 15:52:11,294, Level=ERROR, Pid=19892, File=configuration.py, Line=407, Missing required value for alternatedomain in ldap/bwtest.loc.

it looks like configuration.py is not finding the alternatedomain in bwtest.loc stanza. if i configure the settings in the default stanza, it works for me - unfortunately, this does not work for multiple concurrent installations.

any hints? Has anyone installed multiple instances of SA-ldapsearch on a single search head?

Regards,
Andreas

0 Karma
Get Updates on the Splunk Community!

Routing Data to Different Splunk Indexes in the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. The OpenTelemetry project is the second largest ...

Getting Started with AIOps: Event Correlation Basics and Alert Storm Detection in ...

Getting Started with AIOps:Event Correlation Basics and Alert Storm Detection in Splunk IT Service ...

Register to Attend BSides SPL 2022 - It's all Happening October 18!

Join like-minded individuals for technical sessions on everything Splunk!  This is a community-led and run ...