Solved: How can I append basedn to member uid mappings whe...

Simon · ‎08-10-2010

Hi all,

unfortunately the userid given in the group member attribute of my ldap group is only the single userid without the full dn. Is there a way to tell splunk it should append a dn when searching for memberships?

At the moment splunk can't find my group member ship, when starting up he tells me:

08-10-2010 13:47:14.598 ERROR ScopedLDAPConnection - Read for DN 'sibalz' gave error: Invalid DN syntax
08-10-2010 13:47:14.598 ERROR ScopedLDAPConnection - Could not read invalid entry at DN sibalz

And later when loggin in:

08-10-2010 13:48:02.446 ERROR AuthenticationManagerLDAP - Couldn't find matching groups for user 'sibalz'. Search filter used: (memberuid=uid=sibalz,ou=People,dc=t-systems,dc=ch)

Thanks Simon

Simon · ‎08-10-2010

Ok folks, I just gave the solution myself 🙂

In this case you have to set

groupMappingAttribute = uid

With this attribute, you tell splunk which attribute of the user object he should use when looking up group memberships.

View solution in original post

Simon · ‎08-10-2010

Ok folks, I just gave the solution myself 🙂

In this case you have to set

groupMappingAttribute = uid

With this attribute, you tell splunk which attribute of the user object he should use when looking up group memberships.

How can I append basedn to member uid mappings when using LDAP authentication?

Detecting Remote Code Executions With the Splunk Threat Research Team

Observability | Use Synthetic Monitoring for Website Metadata Verification

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk