Re: AuthenticationManagerLDAP Error Message and Ba...

asarolkar · ‎02-27-2013

Hi All,

We are currently getting the following error

ERROR AuthenticationManagerLDAP - Could not find user="nobody" with strategy="LDAP DC02"
host=something

Not sure what error is causing this error.

Is it a known error message that appears when Splunk does not successfully bind to AD?
Is it a LDAP-role mapping issue ?
Should I perhaps be looking at BaseDN/groupbaseDN configuration ?

The user "nobody" looks a bit suspicious.

NageswariV · ‎09-22-2014

HI, I find the same error with some of my users as well. how to resolve this issue? please help.

lmyrefelt · ‎06-17-2014

1.No
2. No, not really
3. No

I found dshpritz answer here helpfull;
http://answers.splunk.com/answers/49525/splunkdlog-error-message
Running; find /path/to/splunk/apps -iname *.meta -exec grep -il "nobody" {} ; gives me all objects owned by nobody and thus i can easily change it to an more appropriate context / user .
Hope it helps 🙂

lmyrefelt · ‎06-17-2014

No
No, not really
No

I found dshpritz answer here helpfull;
http://answers.splunk.com/answers/49525/splunkdlog-error-message

Running; find /path/to/splunk/apps -iname *.meta -exec grep -il "nobody" {} \; gives me all objects owned by nobody and thus i can easily change it to an more appropriate context / user .

Hope it helps 🙂

xzjc3q · ‎03-07-2014

I have the same issue as well. Would be interested in an answer.

gadjet · ‎08-03-2013

The user 'nobody' is supposed to be for 'configuration items' that aren't assigned a user.

I'm experiencing the same errors, and I would also like to know why it occurs, and how to stop it.

AuthenticationManagerLDAP Error Message and BaseDN setting

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases