Known Issue: Data check page does not allow you to bypass Active Directory requirement

Introduction

This page discusses how to work around a problem where the Splunk App for Windows Infrastructure prevents you from proceeding from the data prerequisite page because there is no Active Directory data present.

Symptoms

During the guided setup experience, the Splunk App for Windows Infrastructure detects that there is no Active Directory data present and prevents you from completing first-time setup.

Cause

There is currently no option in the product to skip the Active Directory check. This problem has been identified as a bug and an update to fix it is in progress.

Workarounds

In the meantime, use the following workarounds to satisfy or bypass the Active Directory check:

Set up a domain controller temporarily

To fix this, use the configure components page to disable the following components for your Exchange Server 2007 and 2010 hosts:

1. Install a Windows host as a domain controller.

2. Install a Splunk universal forwarder on this domain controller and configure it to forward data to the indexer(s) in the Splunk App for Windows Infrastructure deployment.

3. Deploy the Active Directory add-ons into the universal forwarder to generate the necessary events.

4. After a few minutes, run the data check again.

5. Once the data check passes, disable the domain controller.

Modify the files in the app to bypass the data check temporarily

Caution: This procedure modifies the Splunk App for Windows Infrastructure directly. This procedure could be removed at any time. Performing it could damage your installation and possibly result in data loss. Splunk is not responsible for any such damage or loss, and by following this procedure, you indemnify and hold Splunk blameless for any such damage or loss. The app might not perform as expected after this change. An upgrade will remove any edits you made as part of this procedure. Do not perform this procedure unless you fully understand and are comfortable with these risks. If you are unsure, contact a member of Splunk Support or Professional Services for assistance.

1. Using a text editor, open the  %SPLUNK_HOME%\etc\apps\splunk_app_windows_infrastructure\django\splunk_app_windows_infrastructure\ static\splunk_app_windows_infrastructure\page_prechecks.js file.

2. Locate this block of code within the file:

function(isAppSetupRequired, appBuild) {
                if (isAppSetupRequired) {
                   window.location.replace('/dj/splunk_app_windows_infrastructure/setup');
                }
            }

3. Add double-slashes (//) to three lines within the code block (as shown below) to comment out the if statement. The updated block should look like the following:

function(isAppSetupRequired, appBuild) {
                // if (isAppSetupRequired) {
                //    window.location.replace('/dj/splunk_app_windows_infrastructure/setup');
                // }
            }

.

4. Save the file.

5. Log into Splunk and activate the Splunk App for Windows Infrastructure.

Note: If you need to perform guided setup later, select "Guided setup" from the "Tools and Settings" menu bar within the app.