Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to fix the Splunk LDAP AD SYN issue ?

Hemnaath
Motivator
‎03-16-2022 05:41 AM

Hi All,

One of our Cyber security person facing a strange issue while trying to access the data from the Splunk search portal.
Initial level of troubleshooting the issue we found that Roles/Permission are not syncing but later we found that Roles/Permission are auto changing frequently. We could not find any ERROR/WARN in the splunkd.log, so not sure how to troubleshoot this issue

Splunk version : 8.2 

OS: Linux 

Authentication mode: LDAP 

Environment: Splunk distributed Production Environment. 

Problem statement:  Roles/Permission are not syncing properly its getting auto changed frequently. 

Kindly let me know what are steps we should follow to troubleshoot this type of issue.

Labels (1)
Labels
Tags (3)
0 Karma
Reply
Get Updates on the Splunk Community!

.conf25 Registration is OPEN!

Ready. Set. Splunk! Your favorite Splunk user event is back and better than ever. Get ready for more technical ...

Detecting Cross-Channel Fraud with Splunk

This article is the final installment in our three-part series exploring fraud detection techniques using ...

Splunk at Cisco Live 2025: Learning, Innovation, and a Little Bit of Mr. Brightside

Pack your bags (and maybe your dancing shoes)—Cisco Live is heading to San Diego, June 8–12, 2025, and Splunk ...
Top