The LDAP hover text feature fails to work after encrypting the LDAP password. LDAP authentication errors are being displayed in qradar.log.
/var/qradar/qradar.log you will see the following:
AuthenticationException error "[LDAP: error code 49 - 80090308: LdapErr:DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1^@]
The setup to provide LDAP hover over in the UI, requires the setup of a
ldap.properties file. This file contains a hashed password that must be encrypted using the command:
If non-alphanumeric characters are used it would result in the hash not able to translate the characters.
Resolving The Problem
Before you Begin: This procedure only applies to QRadar appliances at version 7.2.7 or lower.
To resolve the issue run the command:
Note: Use single quotation marks for passwords that contain non-alphanumeric characters.
This hash then is placed in the ldap. properties file that was created in the ldap.password field.
Result: LDAP hover text feature now works with encrypted passwords.
For more information please refer to, IBM Knowledge Center - Displaying hover text for LDAP information.
Where do you find more information?
Was this topic helpful?
16 June 2018