All Apps and Add-ons

User permissions:Why are ldapfilter, ldapgroups, ldapfetch not working with non-default stanza?

schose
Builder

Hi forum,

I'm trying to setup sa-ldapsearch for multiple clients. The whole idea is that a client is not allowed to use lookups of another client while using the same searchhead. I tried to copy SA-ldapsearch and rename the app in app.conf to give application level permissions. Every ldap app has its own ldap.conf, which look like this..

[bwtest.loc]
alternatedomain = BWTEST
basedn = DC=bwtest,DC=loc
binddn = svc-splunk@bwtest.loc
port = 389
server = 192.168.208.10
ssl = 0

command ldapsearch is working fine, but ldapfilter, ldapgroup and ldapfetch is not:

2018-09-11 15:42:57,500, Level=ERROR, Pid=19384, File=configuration.py, Line=407, Missing required value for alternatedomain in ldap/BWTEST.
2018-09-11 15:52:11,294, Level=ERROR, Pid=19892, File=configuration.py, Line=407, Missing required value for alternatedomain in ldap/bwtest.loc.

it looks like configuration.py is not finding the alternatedomain in bwtest.loc stanza. if i configure the settings in the default stanza, it works for me - unfortunately, this does not work for multiple concurrent installations.

any hints? Has anyone installed multiple instances of SA-ldapsearch on a single search head?

Regards,
Andreas

0 Karma
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Get Updates on the Splunk Community!

.conf25 Global Broadcast: Don’t Miss a Moment

Hello Splunkers, .conf25 is only a click away.  Not able to make it to .conf25 in person? No worries, you can ...

Observe and Secure All Apps with Splunk

 Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

What's New in Splunk Observability - August 2025

What's New We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is ...