The free splunk do not have ldap (search free vs enterprise). Some people do a reverse proxy config with ldap authentication to workaround this.
The 30 days demo is really a enterprise version and after some fight i manage to put it working with a Windows Active Directory (AD)... but it will probably stop working after the 30days.
here is my config:
[AD]
SSLEnabled = 0
anonymous_referrals = 0
bindDN = domain\bindusername
bindDNpassword = encoded pass
charset = utf8
groupBaseDN = dc=ad-domain,dc=tld
groupBaseFilter = (objectclass=*)
groupMappingAttribute = dn
groupMemberAttribute = member
groupNameAttribute = cn
host = DC-server.domain.pt
nestedGroups = 1
network_timeout = 20
port = 389
realNameAttribute = cn
sizelimit = 1000
timelimit = 15
userBaseDN = dc=ad-domain,dc=tld
userBaseFilter = (&(objectCategory=person)(objectClass=user)(mail=*))
userNameAttribute = samaccountname
My main error was the "Group mapping attribute" (ie: groupMappingAttribute in the config), where i put other things and the correct config is dn
... View more