Splunk Cloud Platform

Securing Splunk Cloud Platform

Acrobat logo Download manual as PDF

Acrobat logo Download topic as PDF

Test your LDAP configuration

If you find that Splunk Enterprise is not able to connect to your LDAP server, try these troubleshooting steps:

1. Check $SPLUNK_HOME/var/log/splunk/splunkd.log for any authentication errors. Turn on DEBUG-level logging for AuthenticationManagerLDAP to get more information here. This can be done from the Splunk Web UI - Server Settings/Server Logging.

2. Remove any custom values you've added for userBaseFilter and groupBaseFilter.

3. In the *nix command line, you can use ldapsearch to confirm that the variables you are specifying will return the expected entries:

ldapsearch -x –h <ldap_host> –p <ldap_port> –D "bind_dn" -w "bind_passwd" -b "user_basedn" "userNameAttribute=*"

ldapsearch -x –h <ldap_host> –p <ldap_port> –D "bind_dn" -w "bind_passwd" –b "group_basedn" "groupNameAttribute=*"

If these commands return matching entries, then your backend LDAP system is properly configured. Continue to troubleshoot the Splunk LDAP strategy configuration.

Last modified on 22 May, 2018
Map LDAP groups and users to Splunk roles in the configuration files
Convert to LDAP from Splunk authentication

This documentation applies to the following versions of Splunk Cloud Platform: 8.1.2103, 8.2.2104, 8.2.2105 (latest FedRAMP release), 8.2.2106, 8.2.2107

Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters