I ask this because I just spent a while trying to debug why installing the "Microsoft Supporting Add-on for Active Directory" would not work when I deployed it using the deployment server. I determined that it is using the REST API to encrypt the password for the LDAP account being configured. This, however, uses the current server (Master Node's) private key... and therefore, when deployed to the other servers, they cannot perform a successful BIND as they cannot successfully decrypt the LDAP account password. I understand the challenges of secure credentials when deploying; however, this wouldn't be an issue if two things happened:
1. Check for running directory and notify the user if the App is being run for the first time from the slave-apps directory to allow them to re-enter the credentials.
2. Web GUI works after deployment.
This add-on's web GUI also appears broken when deployed into the slave-apps directory... but I am still troubleshooting this... If anyone has any idea where to start, that would be a help. I am assuming some sort of static reference (/opt/splunk/etc/apps/SA_ldapsearch) to directories has been made instead of a relative reference ($SPLUNK_DIR/SA_ldapsearch), but it's just a guess.