Security

How can I append basedn to member uid mappings when using LDAP authentication?

Simon
Contributor

Hi all,

unfortunately the userid given in the group member attribute of my ldap group is only the single userid without the full dn. Is there a way to tell splunk it should append a dn when searching for memberships?

At the moment splunk can't find my group member ship, when starting up he tells me:

08-10-2010 13:47:14.598 ERROR ScopedLDAPConnection - Read for DN 'sibalz' gave error: Invalid DN syntax
08-10-2010 13:47:14.598 ERROR ScopedLDAPConnection - Could not read invalid entry at DN sibalz

And later when loggin in:

08-10-2010 13:48:02.446 ERROR AuthenticationManagerLDAP - Couldn't find matching groups for user 'sibalz'. Search filter used: (memberuid=uid=sibalz,ou=People,dc=t-systems,dc=ch)

Thanks Simon

Tags (2)
1 Solution

Simon
Contributor

Ok folks, I just gave the solution myself 🙂

In this case you have to set

groupMappingAttribute = uid

With this attribute, you tell splunk which attribute of the user object he should use when looking up group memberships.

View solution in original post

Simon
Contributor

Ok folks, I just gave the solution myself 🙂

In this case you have to set

groupMappingAttribute = uid

With this attribute, you tell splunk which attribute of the user object he should use when looking up group memberships.

Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

Splunk is officially part of Cisco

Revolutionizing how our customers build resilience across their entire digital footprint.   Splunk ...

Splunk APM & RUM | Planned Maintenance March 26 - March 28, 2024

There will be planned maintenance for Splunk APM and RUM between March 26, 2024 and March 28, 2024 as ...