Security

Splunk LDAP password update

ganga201
New Member

Hi,

We have updated the password for the service account which we use for LDAP authentication. I have updated the new bindDnpassword in authentication file but when I restarted the splunk service the old password has been restored. After I spent some time I have understood that the splunk.secrete file restoring the old password.

I have followed the below steps and still the issue not fixed

1) Ran powershell command
Get-ChildItem -Recurse *.conf | Select-String -Pattern '\$1\$.' -List

etc\apps\Splunk_TA_windows\default\transforms.conf:807:FORMAT = abc
etc\system\local\authentication.conf:10:bindDNpassword = xyz
etc\system\local\server.conf:2:sslKeysfilePassword = 123

1) Updated the binddnpassword in authentication

bindDNpassword = xyzi bindDNpassword = newpassword

2) Restarted the splunk service - this time the old value not been restored in authentication file. I can see the value for binddnpassword has been encrypted in authentication file

Still the users unable to access splunk.

0 Karma

logloganathan
Motivator

were you using search query in splunk?
or
were you connecting splunk using the service account?

0 Karma
Get Updates on the Splunk Community!

Mastering Synthetic Browser Testing: Pro Tips to Keep Your Web App Running Smoothly

To start, if you're new to synthetic monitoring, I recommend exploring this synthetic monitoring overview. In ...

Splunk Edge Processor | Popular Use Cases to Get Started with Edge Processor

Splunk Edge Processor offers more efficient, flexible data transformation – helping you reduce noise, control ...

Introducing New Splunkbase Governance!

Splunk apps are essential for maximizing the value of your Splunk Experience. Whether you’re using the default ...