Reporting
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

LDAP Configuration, Invalid credentials issue.

fabianbr
New Member
‎08-15-2013 12:57 PM

Hello Splunkers.
Im new to splunk and have been tasked with configuring LDAP, I have edited the authentication.conf file as below.

authType = LDAP
authSettings = ldap1

[ldap1]
host = sjcldap.ad.ea.com
port = 3268
SSLEnabled = 0
bindDN = emsguest
bindDNpassword = ##hashed password##
userBaseDN = dc=ad,dc=ea,dc=com
userBaseFilter = (objectclass=)
groupBaseDN = dc=ad,dc=ea,dc=com
groupBaseFilter = (objectclass=)
userNameAttribute = sAMAccountName
realNameAttribute = displayName
groupMappingAttribute = uid
groupMemberAttribute = uniqueMember
groupNameAttribute = uid

in splunkd.log file I see the following:
08-15-2013 05:12:14.914 -0700 ERROR ScopedLDAPConnection - strategy="ldap1" Error binding to LDAP. reason="Invalid credentials"
08-15-2013 05:12:14.914 -0700 INFO IndexProcessor - adjusting tb licences
08-15-2013 05:12:14.914 -0700 ERROR UserManagerPro - LoadLDAPUsersThread: Error loading all LDAP users for strategy="ldap1"
08-15-2013 05:12:14.917 -0700 INFO CMConfig - A splunktcp forwarder port is not configured in inputs.conf
08-15-2013 05:12:14.917 -0700 INFO TcpInputConfig - SSL clause not found or servercert not provided - SSL ports will not be available

If I execute the following ldapsearch command it works:
ldapsearch -x -h sjcldap.ad.ea.com -p 3268 -D "esmguest" -w "esmguest" -b "dc=ad,dc=ea,dc=com" "samaccountname=*"

So what Am I missing or doing wrong?

Any thoughts or comments you can provide will be appreciated.

Best Regards.

0 Karma
Reply

bbialek
Path Finder
‎02-04-2016 04:43 PM

I was getting the following error when loading LDAP configuration from system/local/authentication.conf file:

Error binding to LDAP. reason="Invalid credentials"

The problem was due to me having bindDNpassword in a form of a hash instead of plain text. It turns out you need Splunk do the hashing on it own.

0 Karma
Reply

fabianbr
New Member
‎08-16-2013 10:47 AM

Hello Team.

I found out what the issue was, I was giving bad credentials :(.

Now im getting a new message
"Your LDAP strategy 'ldap1' is not returning any groups. Please check your LDAP configuration or consult splunkd.log for LDAP errors."

Anyway I will open a new thread for that.

Have a Great Day.

Regards.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...