Thanks For Downloading!

Review the documentation below and follow any custom installation steps. If no install steps are listed, most Splunk Apps and Add-ons can be installed as follows:

Windows: Decompress the downloaded file using a tool like 7-Zip and place the resulting folder into %PROGRAMFILES%\Splunk\etc\apps. Then restart Splunk using the splunk restart command or the GUI.

Unix/Linux: Decompress the downloaded file using a tool like tar -xvf and place the resulting folder into $SPLUNK_HOME/etc/apps. Then restart Splunk using the splunk restart command or the GUI.

Description

This app (also known as SA-ldapsearch) provides support functions that enable you to extract information from an Active Directory database. For instance, you can search Active Directory for records, presenting the records as events, or augment existing events with information from Active Directory based on information within the events.

This app is a requirement for the Splunk App for Active Directory, but can be used standalone. Be sure to read the configuration notes included with the app.

Versions and Release Notes

Version 1.1.9 (current version - updated Jan 31, 2013)
release notes:

Added support for Solaris, HP-UX, FreeBSD, Mac and other *nix varieties.

Version 1.1.6 (updated Nov 20, 2012)
release notes:

Support for 32-bit versions of Java on Windows (which don't write the install location to the registry), plus support for posix:permissions on Windows.

Version 1.1.5 (updated Nov 14, 2012)
release notes:

Added logic to alter the Java classpath when the OS is Windows.

Version 1.1.4 (updated Nov 09, 2012)
release notes:

* Updated configuration file such that only a single stanza per domain is required. (The configuration file is backwards compatible)
* ldapsearch now uses temporary files to handle large data sets
* The ldap.conf file now augments the global catalog in determining the directory partition when a lookup without a domain is required. This allows the commands to work when a forest master is not available.

Version 1.1.2 (updated Aug 17, 2012)
release notes:

Corrected the error message that is displayed when JAVA is not installed properly. The old message did not actually tell you Java was not there.

If you have a working install of SA-ldapsearch, then you do not need to upgrade to v1.1.2

Version 1.1.1 (updated Aug 13, 2012)

posted 13 Aug '12, 09:06

splunk

new version 31 Jan, 03:35

ahall_splunk


5 Reviews:
5 reviews, 1 rating, average 5.0

Where is the online documentation for this app???

comments (1)

reviewed 27 Feb, 05:12

shabbir_talib

Documentation is with the app.

(27 Feb, 07:14) ahall_splunk

Great App, 3 issues I found.

1. When I use the ldapfilter command with a search that uses sparklines, the sparklines show up as the raw data instead of the visualization, like below.

##__SPARKLINE__##,0,0,0,0,44.698039,26.687234,38.470284,.....

2. Using the ldapfilter flattens any of my multivalued fields in the original search results.

3. When using the ldapfilter command, the dn attribute is always listed in the results even if I only ask for certain ones such as attrs="telephoneNumber,displayName"

Thoughts?

comments (1)

reviewed 26 Nov '12, 11:51

cramasta

edited 26 Nov '12, 12:02

Reviews are not the place for issues - I don't see them for quite some time (if ever)

(17 Dec '12, 07:08) ahall_splunk

This update instantly fixed any ldapsearch issues I had with the AD app (my Splunk is installed on Win2k8R2).

Many thanks, ahall; your contribution is legendary.

comments (0)

reviewed 21 Nov '12, 22:01

clymbouris

Reviews related to version 1.1.6 (current is 1.1.9)

I get the message: External search command 'ldapsearch' returned error code 1. ERROR: java.lang.UnsupportedOperationException: 'posix:permissions' not supported as initial attribute

Here are the log entries from SA-ldapsearch.log:

2012-11-19 17:05:55.313 +0100 pid=1228 [com.splunk.program.LDAPSearch:main#-1] ERROR Exception java.lang.UnsupportedOperationException thrown: 'posix:permissions' not supported as initial attribute

2012-11-19 17:05:55.313 +0100 pid=1228 [com.splunk.program.LDAPSearch:main#-1] ERROR Stack Trace sun.nio.fs.WindowsSecurityDescriptor.fromAttribute (-1)

2012-11-19 17:05:55.313 +0100 pid=1228 [com.splunk.program.LDAPSearch:main#-1] ERROR Stack Trace sun.nio.fs.WindowsFileSystemProvider.createDirectory (-1)

2012-11-19 17:05:55.313 +0100 pid=1228 [com.splunk.program.LDAPSearch:main#-1] ERROR Stack Trace java.nio.file.Files.createDirectory (-1)

2012-11-19 17:05:55.313 +0100 pid=1228 [com.splunk.program.LDAPSearch:main#-1] ERROR Stack Trace com.splunk.config.SplunkEnvironment.getTmpFile (-1)

2012-11-19 17:05:55.313 +0100 pid=1228 [com.splunk.program.LDAPSearch:main#-1] ERROR Stack Trace com.splunk.program.LDAPSearch.Execute (-1)

2012-11-19 17:05:55.313 +0100 pid=1228 [com.splunk.program.LDAPSearch:main#-1] ERROR Stack Trace com.splunk.program.LDAPSearch.main (-1)

Any ideas?

comments (1)

reviewed 19 Nov '12, 08:10

stepmmx

edited 19 Nov '12, 08:17

I found the solution: you have to manually create the directory ...\var\run\SA-ldapsearch. The problem is the Java method getTmpFile() in the SplunkEnvironment class. Somehow the call to Files.createDirectory(localPath, new FileAttribute[] { PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rwxr-xr-x")) }); doesn't have the permissions to create the new directory on the Windows platform.

(19 Nov '12, 08:35) stepmmx
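
The UnsupportedOperationException in the log above is what java.nio raises when posix:permissions is passed as an initial attribute to a file system without a POSIX attribute view, which is the case for the default Windows file system. The following is an added example, not the app's own code: the class PortableTmpDir, the method ensureDir and the sample location are hypothetical. It checks for the view before passing the attribute, and also rejects a pre-existing path that is a symlink or is writable by other accounts.

```java
import java.io.IOException;
import java.nio.file.FileAlreadyExistsException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

// Hypothetical helper for illustration; not the SplunkEnvironment.getTmpFile() source.
public class PortableTmpDir {

    static Path ensureDir(Path dir) throws IOException {
        // Only file systems exposing the "posix" view accept posix:permissions
        // as an initial attribute; the default Windows file system does not.
        boolean posix = dir.getFileSystem().supportedFileAttributeViews().contains("posix");
        try {
            if (posix) {
                Set<PosixFilePermission> mode = PosixFilePermissions.fromString("rwxr-xr-x");
                Files.createDirectory(dir, PosixFilePermissions.asFileAttribute(mode));
            } else {
                // Windows: create with the ACL inherited from the parent directory.
                Files.createDirectory(dir);
            }
        } catch (FileAlreadyExistsException e) {
            // A pre-existing path is accepted only if it is a real directory, not a symlink.
            if (!Files.isDirectory(dir, LinkOption.NOFOLLOW_LINKS)) {
                throw new IOException(dir + " exists but is not a directory", e);
            }
        }
        if (posix) {
            // Refuse a work directory that other accounts could write into.
            Set<PosixFilePermission> actual = Files.getPosixFilePermissions(dir, LinkOption.NOFOLLOW_LINKS);
            if (actual.contains(PosixFilePermission.GROUP_WRITE)
                    || actual.contains(PosixFilePermission.OTHERS_WRITE)) {
                throw new IOException(dir + " is group- or world-writable: " + PosixFilePermissions.toString(actual));
            }
        }
        return dir;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample location: a throwaway parent under java.io.tmpdir.
        Path parent = Files.createTempDirectory("splunk-var-run-demo");
        Path dir = parent.resolve("SA-ldapsearch");
        System.out.println("created:  " + ensureDir(dir));
        System.out.println("reused:   " + ensureDir(dir)); // second call hits the exists branch
    }
}
```
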
Reviews related to version 1.1.4 (current is 1.1.9)

There needs to be a link to this app from the Splunk for AD app. I found it very hard to find this SA.

comments (0)

reviewed 12 Sep '12, 10:23

sjohnson_splunk

Copyright © 2005-2012 Splunk Inc. All rights reserved.