Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Most LDAP users don't appear/aren't usable

rhansen
Explorer
‎11-28-2012 05:41 AM

I have setup the LDAP structure and don't see all of my users in the Group mapping.

Under Manager>>Access controls>>Authentication method>>LDAP strategies>>LDAP Groups, I have setup the specific group to map to Admin, in the text box below it shows all 50~ of my users.

If I save that screen and go to Manager>>Access controls>>Users only 14 users show up. I have deleted the mapping and started over, I have tried mapping to a different global catalog, nothing helps.

What am I missing here?

Splunk 5.0 build 140868 on 2008 R2 SP1
DC = 2008 R2 Ent

Thanks

Tags (3)
0 Karma
Reply

rhansen
Explorer
‎11-28-2012 06:31 AM

Solved it!

I was mistaken about your first answer. You are partially correct. I was able to log in with another account that was not listed. Once I logged in with that account, it showed up in the Users list.

The problem that I was having was that I had not filled out the "Display name" field in ADUC. That prevented my account from logging in. Once I completed the Display name field, my account was able to login.

0 Karma
Reply

alacercogitatus
SplunkTrust
SplunkTrust
‎11-28-2012 06:21 AM

In order for the user to show up in the user list, I believe they must first login. Once they login, then their user account gets created within Splunk, and will show in the GUI.

Reply

MuS
SplunkTrust
SplunkTrust
‎11-28-2012 06:31 AM

have a look at this http://splunk-base.splunk.com/answers/50175/ldap-authentication-troubleshooting-information

cheers

0 Karma
Reply

Drainy
Champion
‎11-28-2012 06:27 AM

Do you have any local users with the same username as yours? These will override your AD user of the same name. Also, you might find it worth turning up the logging levels of the ldap logger in System settings

0 Karma
Reply

alacercogitatus
SplunkTrust
SplunkTrust
‎11-28-2012 06:26 AM

Do you have a User Base Filter configured? That will limit who can login as well as with a Group.

0 Karma
Reply

rhansen
Explorer
‎11-28-2012 06:24 AM

I wish that were the case... I had already tried to log in with my account and that didn't work. I get the error "Invalid username or password". If I log in with one of the 14 accounts listed, it works.

I also "Copy" one of the users in ADUC that is listed in Splunk. The new user did not show up, so I don't think there is anything special about the AD users.

0 Karma
Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...