https://community.splunk.com/t5/Security/How-to-configure-authentication-in-distributed-environment/m-p/307645#M8099 <P>I have a handful of Splunk servers. I'm trying to understand, does authentication work like deployed apps? Meaning, if I add a new role/ldap group mapping on the search head cluster master or on the deployment server, should I expect that configuration to replicate to the search heads, indexers, etc?<BR /> Or do I need to create that role and mapping on each search head individually?</P> Fri, 31 Mar 2017 20:19:45 GMT upgrayyyed 2017-03-31T20:19:45Z https://community.splunk.com/t5/Security/How-to-configure-authentication-in-distributed-environment/m-p/307645#M8099 <P>I have a handful of Splunk servers. I'm trying to understand, does authentication work like deployed apps? Meaning, if I add a new role/ldap group mapping on the search head cluster master or on the deployment server, should I expect that configuration to replicate to the search heads, indexers, etc?<BR /> Or do I need to create that role and mapping on each search head individually?</P> Fri, 31 Mar 2017 20:19:45 GMT https://community.splunk.com/t5/Security/How-to-configure-authentication-in-distributed-environment/m-p/307645#M8099 upgrayyyed 2017-03-31T20:19:45Z https://community.splunk.com/t5/Security/How-to-configure-authentication-in-distributed-environment/m-p/307646#M8100 <P>On Search Head Clusters, you should NOT use "deployment-server" nor by cluster master, but the distributing component to manage Search Head is called as "<A href="http://docs.splunk.com/Documentation/Splunk/6.5.2/DistSearch/PropagateSHCconfigurationchanges">deployer</A>". So create an app with its authentication.conf and authorize.conf with the details and push it via deployer. It will go into the Search Head members and get's replicated automatically.</P> <P>Attached is <A href="http://www.isplunker.com/2017/01/splunk-integration-with-active.html">document and working code example in github</A></P> Fri, 31 Mar 2017 21:45:25 GMT https://community.splunk.com/t5/Security/How-to-configure-authentication-in-distributed-environment/m-p/307646#M8100 koshyk 2017-03-31T21:45:25Z https://community.splunk.com/t5/Security/How-to-configure-authentication-in-distributed-environment/m-p/307647#M8101 <P>If you are not using a Search Head Cluster, but instead are using individual Search Heads, you can do it like this:</P> <P><A href="https://answers.splunk.com/answers/514258/search-heads-authentication-credentials-rejected-b.html#answer-514306">https://answers.splunk.com/answers/514258/search-heads-authentication-credentials-rejected-b.html#answer-514306</A></P> Fri, 31 Mar 2017 22:12:29 GMT https://community.splunk.com/t5/Security/How-to-configure-authentication-in-distributed-environment/m-p/307647#M8101 woodcock 2017-03-31T22:12:29Z