I realize this questions is several months old, but is there a specific log file that can be looked through to see what information is being passed to Splunk when its attempting to authenticate the token? I have a similar ldap configuration, I get no errors when selecting the certificate on the token, but then the browser redirects to the Splunk manual user name and password page. No errors are given, so I'm going on the assumption the details I'm providing to Splunk from the token's certificate are not being found in Active Directory. ... View more