topic LDAP authentication caching in Security https://community.splunk.com/t5/Security/LDAP-authentication-caching/m-p/58772#M1956 <P>Hi;</P> <P>Seems like, with LDAP integrated and roles mapped to LDAP groups, Splunk will update its cached list of users and their roles only when a splunkweb session starts--ie, if we add a user to a mapped role, this does not show up in Manage &gt; Access Controls &gt; Users, but after that user logs in, he/she now shows up in that list.</P> <P>On the other hand, if we make changes to that user's role, and he/she is currently logged into splunk web, that change will not take effect unless they log out and back in--correct?</P> <P>We know we can hit manage &gt; Access Controls &gt; Authentication method &gt; Reload authentication method to reset, but:</P> <P>a) is there any setting in authentication.conf or limits.conf to make this happen on a periodic basis?</P> <P>b) we see that according to <A href="http://blogs.splunk.com/2009/08/20/reload-4-auth/">http://blogs.splunk.com/2009/08/20/reload-4-auth/</A>, we can do this via a cron job, but is this still best practice in 5.0 +?</P> <P>thanks,<BR /> bw</P> Tue, 10 Sep 2013 13:50:31 GMT bobwalden 2013-09-10T13:50:31Z LDAP authentication caching https://community.splunk.com/t5/Security/LDAP-authentication-caching/m-p/58772#M1956 <P>Hi;</P> <P>Seems like, with LDAP integrated and roles mapped to LDAP groups, Splunk will update its cached list of users and their roles only when a splunkweb session starts--ie, if we add a user to a mapped role, this does not show up in Manage &gt; Access Controls &gt; Users, but after that user logs in, he/she now shows up in that list.</P> <P>On the other hand, if we make changes to that user's role, and he/she is currently logged into splunk web, that change will not take effect unless they log out and back in--correct?</P> <P>We know we can hit manage &gt; Access Controls &gt; Authentication method &gt; Reload authentication method to reset, but:</P> <P>a) is there any setting in authentication.conf or limits.conf to make this happen on a periodic basis?</P> <P>b) we see that according to <A href="http://blogs.splunk.com/2009/08/20/reload-4-auth/">http://blogs.splunk.com/2009/08/20/reload-4-auth/</A>, we can do this via a cron job, but is this still best practice in 5.0 +?</P> <P>thanks,<BR /> bw</P> Tue, 10 Sep 2013 13:50:31 GMT https://community.splunk.com/t5/Security/LDAP-authentication-caching/m-p/58772#M1956 bobwalden 2013-09-10T13:50:31Z Re: LDAP authentication caching https://community.splunk.com/t5/Security/LDAP-authentication-caching/m-p/58773#M1957 <P>We're encountering strange issues with LDAP in version 5 and have implemented our workaround which is scripting of the auth reload command on a regular basis. </P> Tue, 17 Jun 2014 18:20:25 GMT https://community.splunk.com/t5/Security/LDAP-authentication-caching/m-p/58773#M1957 the_wolverine 2014-06-17T18:20:25Z