Splunk Search

LDAP strategy is not returning any groups.

fabianbr
New Member

Hello everyone.

I have configured LDAP with my Splunk, everything seems to be working correctly, but I'm getting the following error message.

"Your LDAP strategy 'ldap1' is not returning any groups. Please check your LDAP configuration or consult splunkd.log for LDAP errors."

Here's what my authentication.conf file looks like.

[authentication]
authType = LDAP
authSettings = ldap1

[ldap1]
host = sjcldap.ad.ea.com
port = 3268
SSLEnabled = 0
bindDN = esmguest
bindDNpassword = ############
userBaseDN = dc=ad,dc=ea,dc=com
userBaseFilter = (objectclass=)
groupBaseDN = dc=ad,dc=ea,dc=com
groupBaseFilter = (objectclass=)
userNameAttribute = sAMAccountName
realNameAttribute = displayName
groupMappingAttribute = uid
groupMemberAttribute = uniqueMember
groupNameAttribute = uid

[roleMap_ldap1]

And I'm seeing this in my splunkd.log file:

08-15-2013 07:14:24.071 -0700 INFO ShutdownHandler - shutting down level "ShutdownLevel_LoadLDAPUsers"
08-15-2013 07:14:32.089 -0700 WARN AuthenticationManagerLDAP - strategy="ldap1" The group="admin" was not found on the LDAP server, removing it from the role map
08-15-2013 07:14:32.264 -0700 WARN AuthenticationManagerLDAP - strategy="ldap1" The group="dbarajas@contractor.ea.com" was not found on the LDAP server, removing it from the role map
08-15-2013 07:15:59.219 -0700 WARN AdminManager - Endpoint has not specified a type for val=LDAP, will return this as a string in JSON API.
08-15-2013 07:19:02.841 -0700 INFO ShutdownHandler - shutting down level "ShutdownLevel_LoadLDAPUsers"
08-15-2013 07:19:15.988 -0700 WARN AuthenticationManagerLDAP - strategy="ldap1" The group="Admin" was not found on the LDAP server, removing it from the role map
08-15-2013 07:19:16.049 -0700 WARN AuthenticationManagerLDAP - strategy="ldap1" The group="Users" was not found on the LDAP server, removing it from the role map
08-15-2013 18:09:32.183 -0700 ERROR AuthenticationManagerLDAP - Could not find user="nobody" with strategy="ldap1"
08-15-2013 18:09:32.184 -0700 ERROR UserManagerPro - Failed to get LDAP user="nobody" from any configured servers

Any help you can provide is welcomed.

Have a Great Day.

Regards.

0 Karma

stemo76
Explorer

We found that only populated groups will show in the UI. Empty groups are omitted. You can probably edit the authentication.conf file to add your groups.

We also left the user filter empty.
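
A simplified model of the behaviour described in the answer above, added here as an illustration and not part of the original thread or Splunk's own code. It assumes an Active Directory server (the question's settings use sAMAccountName and port 3268), where group objects carry their name in `cn` and their members in `member`; the directory entries and the `load_strategy` and `visible_groups` helpers are constructed for this example.

```python
import configparser

# Constructed copy of the group settings from the [ldap1] stanza in the question.
CONF = """
[ldap1]
groupBaseDN = dc=ad,dc=ea,dc=com
groupMappingAttribute = uid
groupMemberAttribute = uniqueMember
groupNameAttribute = uid
"""

# Constructed directory entries with hypothetical names. Active Directory group
# objects keep their name in cn and their members in the multi-valued member attribute.
ENTRIES = [
    {"cn": ["SplunkAdmins"],
     "member": ["CN=Alice,OU=People,DC=example,DC=test"]},
    {"cn": ["SplunkUsers"],
     "member": []},  # empty group
]

def load_strategy(text, name):
    """Parse one strategy stanza, keeping the mixed-case key names."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.optionxform = str
    parser.read_string(text)
    return dict(parser[name])

def visible_groups(strategy, entries):
    """Names of entries that have a group name and at least one member
    under the attributes the strategy tells the client to read."""
    name_attr = strategy["groupNameAttribute"].lower()
    member_attr = strategy["groupMemberAttribute"].lower()
    found = []
    for entry in entries:
        # LDAP attribute names are case-insensitive, so compare in lower case.
        attrs = {key.lower(): value for key, value in entry.items()}
        names = attrs.get(name_attr, [])
        members = attrs.get(member_attr, [])
        if names and members:
            found.append(names[0])
    return found

if __name__ == "__main__":
    posted = load_strategy(CONF, "ldap1")
    ad_style = dict(posted, groupNameAttribute="cn", groupMemberAttribute="member")
    print("as posted:", visible_groups(posted, ENTRIES))
    print("cn/member:", visible_groups(ad_style, ENTRIES))
```
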

mendesjo
Path Finder

Good find, Stemo76. Was ready to pull my hair out...

0 Karma

SirHill17
Communicator

What should be edited in the authentication.conf to be able to find an empty group?

0 Karma