java problem with active-directory

perlish · ‎11-28-2013

I want to use the splunk app for active directory.I have installed the central splunk instance and ad app in two systems,one is win2008,the other is centos 6.2.But I come across problems within two system.The following is details:
1、win 2008 system
OS:Microsoft Windows Server 2008 R2 Enterprise
JAVA VERSION:java version "1.7.0_45"
Java(TM) SE Runtime Environment (build 1.7.0_45-b18)
Java HotSpot(TM) 64-Bit Server VM (build 24.45-b08, mixed mode)
PROBLEM:The ad app can't load my domain information,and when I use the "Group Audit",it reports errors like "External search command 'ldapsearch' returned error code 1.ERROR: java.lang.NullPointerException: null"

2、Centos 6.2 system
OS:CentOS release 6.2 (Final)
JAVA VERSION：java version "1.7.0_45"
Java(TM) SE Runtime Environment (build 1.7.0_45-b18)
Java HotSpot(TM) 64-Bit Server VM (build 24.45-b08, mixed mode)
PROBLEM：The app can load my domain information,but when I use "Group Audit",it report errors like External"search command 'ldapsearch' returned error code 1.ERROR: com.unboundid.ldap.sdk.LDAPException: Unable to establish a connection to any server in the fastest connect set because connection attempts failed in all servers."

I think all these is because the java ,but how can I solve them?

Adrian · ‎01-30-2014

I would start by reviewing this troubleshooting section of the documentation related to the Splunk App for AD.

java problem with active-directory

Infographic provides the TL;DR for the 2024 Splunk Career Impact Report

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?