Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

AD Auth fails if /etc/resolv.conf is present

Sqig
Path Finder
‎04-28-2011 08:22 AM

Hi. We have successfully enabled Active Directory/LDAP Authentication in Splunk 4.1.3.

All works as expected.

However, when we have /etc/resolv.conf in place, logins never complete. Hitting the submit button results in a permanent "waiting for (search head)"

We have the LDAP server in authentication.conf specified by IP, so no lookup should be required.

The nameserver is responsive, if that matters.

Has anyone run across this problem?

Tags (2)
0 Karma
Reply

JSapienza
Contributor
‎04-28-2011 10:52 AM

I personally haven't seen this issue. I have setup AD auth serveral times and not had an issues.And it works just fine with the resolve.conf .
Maybe there was/is a problem with your resolve.conf ?

Did you happen have the "search" option set to your domain ?

Example:

search myDomain.local

nameserver 10.10.100.100

What did splunkd.log say ? You might want to enable debug in log.cfg is you are not seeing any specifics. http://www.splunk.com/wiki/Community:EnableDebugLogging

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...