Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Splunk Active Directory Add-on

Posted on 2015-02-13
6
Medium Priority
?
422 Views
Last Modified: 2015-02-13
Hi,
I have just installed splunk enterprise, I want to monitor windows data etc.
I installed the Add-on for active director App and the windows app and am trying to configure them. I have opened the AD App and have started configuring using the wizard. I have entered the following parameters:
Domain name = mydomain.ie
Alternate Domain name = mydomain
LDAP Server:
                  Hostname = ip address of domain controller
                  port = 389
                  ssl = blank
Credentials:
                  Bind DN = mydomain\domain admin username
                  Password = Domain admin user password

When I hit test I get an error:
could not access the directory service at ldap://DC IP Address:389 ldapinvalidcredentialsresult - 49 - invalidcredentials - none - 80090308: ldaperr: dsid-0c0903a9, comment: acceptsecuritycontext error, data 52e, v1db0 - bindresponse - none"

I some time also get an error stating the Alternate domain name is in the domain please correct,

Any ideas what I am doing wrong here, the splunk documentation is not very helpful for a novice

Thanks
0
Comment
Question by:padraic Carron
  • 4
  • 2
6 Comments
 
LVL 35

Accepted Solution

by:
Joseph Daly earned 2000 total points
ID: 40608021
From the info you you posted up it looks like your Bind DN is incorrect. Distinguished names normally take the form of.

CN=username,OU=People,DC=domain,DC=com

The easiest way to get the correct DN is to use ADSI edit and browse to the account you want to use, select it, right cick and choose properties. You will want to copy the distinguished name field.
0
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 40608024
Actually heres an even easier way to get your DN. From any computer with Microsoft AD powershell cmdlets installed run the following command

get-aduser {admin username}  | select-object distinguishedname
0
 

Author Comment

by:padraic Carron
ID: 40608302
Thanks that seemed to work, but when I go to save it fails on the Alternate domain name.
I have put in the paramaters:
Domain name = mydomain.ie
Alternate Domain = mydomain
The error is "This domain is in use by the mydomain.ie"
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 35

Expert Comment

by:Joseph Daly
ID: 40608330
I'm not too familiar with the product you are using but my two suggestions would be.

1. You may not need the additional domain name.

2. It may be referring to your DNS domain name versus your netbios domain name.

I would try number 1 first.
0
 

Author Comment

by:padraic Carron
ID: 40608504
I just put in a dummy name and it seemed to work ???
0
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 40608582
You probably don't need it.
0

Featured Post

Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question