- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Simon
Contributor
08-10-2010
02:08 PM
Hi all,
unfortunately the userid given in the group member attribute of my ldap group is only the single userid without the full dn. Is there a way to tell splunk it should append a dn when searching for memberships?
At the moment splunk can't find my group member ship, when starting up he tells me:
08-10-2010 13:47:14.598 ERROR ScopedLDAPConnection - Read for DN 'sibalz' gave error: Invalid DN syntax
08-10-2010 13:47:14.598 ERROR ScopedLDAPConnection - Could not read invalid entry at DN sibalz
And later when loggin in:
08-10-2010 13:48:02.446 ERROR AuthenticationManagerLDAP - Couldn't find matching groups for user 'sibalz'. Search filter used: (memberuid=uid=sibalz,ou=People,dc=t-systems,dc=ch)
Thanks Simon
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Simon
Contributor
08-10-2010
02:31 PM
Ok folks, I just gave the solution myself 🙂
In this case you have to set
groupMappingAttribute = uid
With this attribute, you tell splunk which attribute of the user object he should use when looking up group memberships.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Simon
Contributor
08-10-2010
02:31 PM
Ok folks, I just gave the solution myself 🙂
In this case you have to set
groupMappingAttribute = uid
With this attribute, you tell splunk which attribute of the user object he should use when looking up group memberships.
