Group name attribute: Look for the key that is associated with the full name of the group (likely cn) Real name attribute: Look for the key that is associated with the full name of the user (likely displayName) GroupBaseDN: Look at the Distinguished name for the group that you got from ldifde and take everything after cn=foo UserBaseDN: Look at the Distinguished name for the user that you got from ldifde and take everything after cn=foo The values that you will need to map are:īindDN: This will be the full Distinguised Name of the user that Splunk is going to connect to the AD server as Run them from "Start-> Run" in Windows on your AD Server This gives you tree view of your Active Directory/LDAP structure similar to Windows Explorer.īoth "LDP" and "ADSIEDIT.MSC" are built in utilities that allow you to have a GUI view of Active Directory. If you are more comfortable with a GUI The Sysinternals team offers a nice utility called Active Directory Explorer. With those two entries we should be able to come up with nf that will allow Splunk to authenticate users. The ldifde command is the windows equivalent of ldapsearch and should allow you to get an ldif entry for yourself and a group. If you are comfortable with the command line you can run the command ldifede.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |