Splunk Active Directory Add-on
Posted on 2015-02-13
I have just installed splunk enterprise, I want to monitor windows data etc.
I installed the Add-on for active director App and the windows app and am trying to configure them. I have opened the AD App and have started configuring using the wizard. I have entered the following parameters:
Domain name = mydomain.ie
Alternate Domain name = mydomain
Hostname = ip address of domain controller
port = 389
ssl = blank
Bind DN = mydomain\domain admin username
Password = Domain admin user password
When I hit test I get an error:
could not access the directory service at ldap://DC IP Address:389 ldapinvalidcredentialsresult - 49 - invalidcredentials - none - 80090308: ldaperr: dsid-0c0903a9, comment: acceptsecuritycontext error, data 52e, v1db0 - bindresponse - none"
I some time also get an error stating the Alternate domain name is in the domain please correct,
Any ideas what I am doing wrong here, the splunk documentation is not very helpful for a novice