Join the Conversation
- Find Answers
- :
- Splunk Administration
- :
- Admin Other
- :
- Security
- :
- User unable to access splunk using LDAP authentica...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I've configured splunk for LDAP authentication but have been having issue with a user.
This user(A) exists under the LDAP network group with several other members.I've given the "user" role to this network group and initialy they can all be seen under Manager>access control>Users list.
Recently user(A) complains that he is unable to log in with his AD credentials.When I checked I discovered user(A) is not listed under the Users list anymore but the other members of the LDAP network group remains.
I performed the same step to add "user" role to the network group again and user (A) reappears under the list.
However user(A) is still unable to login with his AD credentials and after the failed login,user(A) is removed from the Users list....
Any idea?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I've checked the AD for the user and found that the user is not in the User Base DN that I've specified already.Have added back the user...
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I've checked the AD for the user and found that the user is not in the User Base DN that I've specified already.Have added back the user...
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This is the error in splunkd:
eg.
12-13-2010 09:48:38.538 ERROR AuthenticationManagerLDAP - Could not find user: user(A)
Could it be the user base filtering issue?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
When this user is in the list,its "default inherited app from" is blank.Theres no error in splunkd for this user as well.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas
What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)
Automating Threat Operations and Threat Hunting with Recorded Future
