Splunk Active Directory Add-on

Hi,
I have just installed splunk enterprise, I want to monitor windows data etc.
I installed the Add-on for active director App and the windows app and am trying to configure them. I have opened the AD App and have started configuring using the wizard. I have entered the following parameters:
Domain name = mydomain.ie
Alternate Domain name = mydomain
LDAP Server:
                  Hostname = ip address of domain controller
                  port = 389
                  ssl = blank
Credentials:
                  Bind DN = mydomain\domain admin username
                  Password = Domain admin user password

When I hit test I get an error:
could not access the directory service at ldap://DC IP Address:389 ldapinvalidcredentialsresult - 49 - invalidcredentials - none - 80090308: ldaperr: dsid-0c0903a9, comment: acceptsecuritycontext error, data 52e, v1db0 - bindresponse - none"

I some time also get an error stating the Alternate domain name is in the domain please correct,

Any ideas what I am doing wrong here, the splunk documentation is not very helpful for a novice

Thanks
padraic CarronIT SecurityAsked:
Who is Participating?
 
Joseph DalyConnect With a Mentor Commented:
From the info you you posted up it looks like your Bind DN is incorrect. Distinguished names normally take the form of.

CN=username,OU=People,DC=domain,DC=com

The easiest way to get the correct DN is to use ADSI edit and browse to the account you want to use, select it, right cick and choose properties. You will want to copy the distinguished name field.
0
 
Joseph DalyCommented:
Actually heres an even easier way to get your DN. From any computer with Microsoft AD powershell cmdlets installed run the following command

get-aduser {admin username}  | select-object distinguishedname
0
 
padraic CarronIT SecurityAuthor Commented:
Thanks that seemed to work, but when I go to save it fails on the Alternate domain name.
I have put in the paramaters:
Domain name = mydomain.ie
Alternate Domain = mydomain
The error is "This domain is in use by the mydomain.ie"
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Joseph DalyCommented:
I'm not too familiar with the product you are using but my two suggestions would be.

1. You may not need the additional domain name.

2. It may be referring to your DNS domain name versus your netbios domain name.

I would try number 1 first.
0
 
padraic CarronIT SecurityAuthor Commented:
I just put in a dummy name and it seemed to work ???
0
 
Joseph DalyCommented:
You probably don't need it.
0
All Courses

From novice to tech pro — start learning today.