LDAP Filter Adding Distinguished Name (DN)

ryan_t_gavin
New Member

We've been struggling to set up Splunk to use LDAP authentication for a while now. After finally getting it to bind successfully, it lists the groups when I map roles; however, when I log in as a user under a mapped role + group combo, it does not work. The DEBUG logs show the LDAP server returned no entries in search for DN="ou=Groups,dc=XXXX" filter="(&(memberuid=uid=XXXX,)(cn=*)"

A manual ldapsearch for the below does work:

ldapsearch -x -D "uid=XXXX,ou=XXX,dc=XXX" -W -H  -b "ou=XXX,dc=XXX" "(&(memberuid=XXXX)(cn=*))"

It LOOKS in the logs like Splunk is trying to do this equivalent search:

ldapsearch -x -D "uid=XXXX,ou=XXX,dc=XXX" -W -H  -b "ou=XXX,dc=XXX" "(&(memberuid=uid=XXXX,ou=XXX,dc=XXX)(cn=*))" 

Specifically, if it would just not put the DN in the filter, it should work. Any advice to get this working?

0 Karma
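
An added illustration, not part of the original post: a small offline model of why a filter built from the user's DN returns no entries against RFC 2307 posixGroup entries, whose memberUid values are bare login names, while the same filter built from uid matches. The directory entries, names and the mapping_attr parameter are constructed for the example.

```python
import re

# Constructed sample data (not from the post).
USER = {"dn": "uid=jdoe,ou=People,dc=example,dc=com", "uid": "jdoe"}
GROUPS = [
    {"cn": "splunk-admins", "memberUid": ["jdoe", "asmith"]},  # posixGroup style
    {"cn": "splunk-users", "memberUid": ["asmith"]},           # posixGroup style
    {"cn": "dn-style", "member": [USER["dn"]]},                # groupOfNames style
]

def escape_filter_value(value):
    """Escape a value for use inside an LDAP search filter (RFC 4515)."""
    return "".join(f"\\{ord(c):02x}" if c in "\\*()\x00" else c for c in value)

def group_filter(member_attr, user, mapping_attr):
    """Build the membership filter from one attribute of the user entry."""
    return f"(&({member_attr}={escape_filter_value(user[mapping_attr])})(cn=*))"

def search_groups(groups, flt):
    """Evaluate the one filter shape (&(attr=value)(cn=*)) with exact matching."""
    m = re.fullmatch(r"\(&\(([^=]+)=(.*)\)\(cn=\*\)\)", flt)
    if not m:
        raise ValueError("unsupported filter shape")
    attr = m.group(1).lower()  # attribute names are case-insensitive
    value = re.sub(r"\\([0-9a-fA-F]{2})",
                   lambda h: chr(int(h.group(1), 16)), m.group(2))
    hits = []
    for g in groups:
        members = next((v for k, v in g.items() if k.lower() == attr), [])
        if value in members and g.get("cn"):
            hits.append(g["cn"])
    return hits

if __name__ == "__main__":
    for member_attr, mapping_attr in (("memberuid", "dn"),
                                      ("memberuid", "uid"),
                                      ("member", "dn")):
        flt = group_filter(member_attr, USER, mapping_attr)
        print(f"{flt} -> {search_groups(GROUPS, flt)}")
```

In Splunk's authentication.conf the mapping_attr role is played by groupMappingAttribute, which defaults to dn, and the member_attr role by groupMemberAttribute.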