https://community.splunk.com/t5/Security/logging-in-with-local-admin-while-SSO-is-enabled/m-p/81869#M2731 <P>You can login with the local admin user. You need to set SSOMode = permissive.</P> <P><CODE>Permissive: Requests to Splunk Web that originate from an untrusted IP address <BR /> are redirected to a login page where they can log into Splunk without using SSO.</CODE></P> Tue, 02 Jul 2013 14:09:43 GMT alacercogitatus 2013-07-02T14:09:43Z https://community.splunk.com/t5/Security/logging-in-with-local-admin-while-SSO-is-enabled/m-p/81866#M2728 <P>We have splunk instance enabled with SSO using CA siteminder. The user authorization is using splunk user config. All users configured with splunk are able to authenticate and authorize correctly. Keeping SSO enabled, is there anyway we can login to splunk using the local admin account of splunk? </P> <P>We are accessing splunk via the proxy URL and direct URL of splunk would give SSO error.</P> <P>this is the web.conf and server.conf configuration</P> <P><CODE>web.conf<BR /> [settings]<BR /> \#SSO<BR /> SSOMode = strict<BR /> trustedIP = 10.93.171.10<BR /> remoteUser = Corpid<BR /> \#tools.proxy.on = true</CODE></P> <P><CODE>server.conf<BR /> [general]<BR /> trustedIP=127.0.0.1</CODE></P> Tue, 02 Jul 2013 11:33:00 GMT https://community.splunk.com/t5/Security/logging-in-with-local-admin-while-SSO-is-enabled/m-p/81866#M2728 anoopambli 2013-07-02T11:33:00Z https://community.splunk.com/t5/Security/logging-in-with-local-admin-while-SSO-is-enabled/m-p/81867#M2729 <P>I guess it's not possible. You can assign one user, admin privilege. the local admin can access through splunk web default port. As LDAP will not find any name "admin" in your groups i suppose it's not possible.</P> Tue, 02 Jul 2013 11:49:46 GMT https://community.splunk.com/t5/Security/logging-in-with-local-admin-while-SSO-is-enabled/m-p/81867#M2729 linu1988 2013-07-02T11:49:46Z https://community.splunk.com/t5/Security/logging-in-with-local-admin-while-SSO-is-enabled/m-p/81868#M2730 <P>So that means once you have SSO enabled, you cant use the local account as that is not bound with any domain user account for authentication. The option left is to assign admin roles to one of the domain user who can authenticate. Is that correct?</P> Tue, 02 Jul 2013 12:06:36 GMT https://community.splunk.com/t5/Security/logging-in-with-local-admin-while-SSO-is-enabled/m-p/81868#M2730 anoopambli 2013-07-02T12:06:36Z https://community.splunk.com/t5/Security/logging-in-with-local-admin-while-SSO-is-enabled/m-p/81869#M2731 <P>You can login with the local admin user. You need to set SSOMode = permissive.</P> <P><CODE>Permissive: Requests to Splunk Web that originate from an untrusted IP address <BR /> are redirected to a login page where they can log into Splunk without using SSO.</CODE></P> Tue, 02 Jul 2013 14:09:43 GMT https://community.splunk.com/t5/Security/logging-in-with-local-admin-while-SSO-is-enabled/m-p/81869#M2731 alacercogitatus 2013-07-02T14:09:43Z https://community.splunk.com/t5/Security/logging-in-with-local-admin-while-SSO-is-enabled/m-p/81870#M2732 <P>You can with your default splunk web access port. which is by default 8000. Splunk authenticated user will be able to access through this. Others can use SSO like you have configured.</P> Tue, 02 Jul 2013 15:49:20 GMT https://community.splunk.com/t5/Security/logging-in-with-local-admin-while-SSO-is-enabled/m-p/81870#M2732 linu1988 2013-07-02T15:49:20Z