Hi Jochen - Yes, all the Graylog nodes are connected to the same MongoDB database.
When I posted my previous reply, I had not removed/re-added the LDAP settings after changing the password_secret. After doing that, the LDAP configuration seems to have stabilized. I was able to use my AD account and remain connected all day yesterday and so far today. Seems like the password_secret field may have been the key. Someone else had done the original setup and had just entered a fairly short password (I didn't pay attention to see if there were trailing spaces or not). I created the new password using pwgen and > 64 characters as recommended in the comments of the config file. At this point, I'm inclined to say "problem solved". I appreciate your help with this. Thanks, Robin On Wednesday, August 31, 2016 at 3:30:42 AM UTC-4, Jochen Schalanda wrote: > Hi Robin, > > On Tuesday, 30 August 2016 18:46:47 UTC+2, Robin H wrote: >> >> I verified that I only have 1 entry under ldap_settings in MongoDB. >> > > Just to be sure: All Graylog nodes have to connect to the very same > MongoDB database. > > > >> The password_secrets were the same between my two Graylog nodes but, just >> in case, I generated a new one. Once I'd done this, I restarted all of the >> nodes but, unfortunately, the same problem still persisted. >> > > The LDAP settings are encrypted using the password_secret from the > configuration file. If you've changed this setting and didn't reconfigure > your LDAP settings, they can't be decrypted anymore. > > Also make sure that there is no trailing whitespace after the > password_secret setting. > > Cheers, > Jochen > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/58ed03df-8ffc-4c7c-a225-67e4bd898239%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
