All Apps and Add-ons

Non admin user role cannot use Active Directory dashboard of computers with ldapfilter commands



I'm having trouble to make Splunk App for Windows Infrastructure Computer's dashboards that uses ldapsearch and ldapfilter commands to work. All non admin users cannot use the command, it returns an error: External seach command 'ldapfilter' returned error code 1. Script output= " ERROR "000004DC: LdapErr: DSID-0C09072B, commanet: In order to perform this operation a successful bind must be completed on the connection, data 0, v2580" "

Does anyone knows how to make it work without changing all the users to "admin" role?

Thanks and regards,

Gabriel Freitas

0 Karma


Works only with admin capabilities. More information in the below post.

Revered Legend

The ldapfilter command is part of "SA-LDAPSearch" app (Splunk Supporting Add-on for Active Directory). Do the users have read access to this app??

0 Karma


Yes, all roles have read access to this app.

0 Karma
Get Updates on the Splunk Community!

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...

Observability Highlights | January 2023 Newsletter

 January 2023New Product Releases Splunk Network Explorer for Infrastructure MonitoringSplunk unveils Network ...