topic Splunk admin not 'admin' in Security

Splunk admin not 'admin'

bpeasland — Thu, 06 Dec 2018 15:36:05 GMT

My server team wants to stop using AD for authentication and start using SAML. In a test system, we implemented SAML. But I am no longer able to login with the 'admin' user. My domain id has the admin role in Splunk Enterprise 6.6. Will I lose any functionality by never being able to login as the 'admin' user? Is there something that only that user can do, but someone with the admin role cannot do?

Thanks!

Re: Splunk admin not 'admin'

p_gurav — Fri, 07 Dec 2018 06:55:01 GMT

This link may be helpful:

https://answers.splunk.com/answers/93575/logging-in-with-local-admin-while-sso-is-enabled.html

Re: Splunk admin not 'admin'

myriadic — Mon, 10 Dec 2018 19:41:31 GMT

As long as you have the "admin" role, you can do everything the admin user can.

Also, you can still log in with local accounts, such as admin, using the URL:

https://HOSTNAME/account/login?loginType=splunk