Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Single user not showing up in LDAP user list

Eli_Klein
Explorer
‎10-06-2011 08:04 AM

I have roughly 100 users who are functioning just fine in an LDAP (AD) authenticated splunk deployment. There is one user who isn't showing up in the user list. The group membership didn't match at first, but now it does. The user still isn't showing up. I tried restarting splunk and also refreshed the LDAP configuration.

Does anyone have any ideas as to how to get splunk to pull the userlist down again?

This is Splunk 4.2.2 (101277).

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

Eli_Klein
Explorer
‎10-17-2011 10:49 AM

In this case, the issue was that this single user didn't have a defined "displayName".

There are two options...

1) Change the "Real Name Attribute" to CN, which will always be there.

OR

2) Add a displayName, which is what I did.

Problem solved, though it would be super nice if the error message was something more detailed than:

10-17-2011 11:30:23.020 -0600 ERROR ScopedLDAPConnection - Could not read invalid entry at DN CN=My User,CN=Users,DC=domain,DC=com

View solution in original post

Reply
Solved! Jump to solution
Solution

Eli_Klein
Explorer
‎10-17-2011 10:49 AM

In this case, the issue was that this single user didn't have a defined "displayName".

There are two options...

1) Change the "Real Name Attribute" to CN, which will always be there.

OR

2) Add a displayName, which is what I did.

Problem solved, though it would be super nice if the error message was something more detailed than:

10-17-2011 11:30:23.020 -0600 ERROR ScopedLDAPConnection - Could not read invalid entry at DN CN=My User,CN=Users,DC=domain,DC=com

Reply
Solved! Jump to solution

dwaddle
SplunkTrust
SplunkTrust
‎10-06-2011 09:07 AM

if you get an ldif of this user and a working one, is there any difference in objectclasses and such?

0 Karma
Reply
Get Updates on the Splunk Community!

Modern way of developing distributed application using OTel

Recently, I had the opportunity to work on a complex microservice using Spring boot and Quarkus to develop a ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security ...

Archived Metrics Now Available for APAC and EMEA realms

We’re excited to announce the launch of Archived Metrics in Splunk Infrastructure Monitoring for our customers ...