https://community.splunk.com/t5/Security/grant-access-to-splunk/m-p/330563#M8464 <P>where to grant access ..in access control ? give me steps<BR /> please give me detailed steps on how to gove splunk access with roles </P> Thu, 07 Dec 2017 13:07:46 GMT Mohsin123 2017-12-07T13:07:46Z https://community.splunk.com/t5/Security/grant-access-to-splunk/m-p/330563#M8464 <P>where to grant access ..in access control ? give me steps<BR /> please give me detailed steps on how to gove splunk access with roles </P> Thu, 07 Dec 2017 13:07:46 GMT https://community.splunk.com/t5/Security/grant-access-to-splunk/m-p/330563#M8464 Mohsin123 2017-12-07T13:07:46Z https://community.splunk.com/t5/Security/grant-access-to-splunk/m-p/330564#M8465 <P>Plenty of documentation. Feel free to ask additional questions on any specific issues you get stuck with. <A href="https://docs.splunk.com/Documentation/Splunk/latest/Security/UseaccesscontroltosecureSplunkdata">https://docs.splunk.com/Documentation/Splunk/latest/Security/UseaccesscontroltosecureSplunkdata</A></P> Thu, 07 Dec 2017 15:11:51 GMT https://community.splunk.com/t5/Security/grant-access-to-splunk/m-p/330564#M8465 jplumsdaine22 2017-12-07T15:11:51Z https://community.splunk.com/t5/Security/grant-access-to-splunk/m-p/330565#M8466 <P>@Anonymous</P> <P>There are multiple ways you can authenticate users to splunk. </P> <P>Below steps for LDAP authentication for Active directory based configuration. for more details check below links,</P> <P><A href="http://docs.splunk.com/Documentation/Splunk/6.6.2/Admin/Authenticationconf#authentication.conf.example" target="_blank">http://docs.splunk.com/Documentation/Splunk/6.6.2/Admin/Authenticationconf#authentication.conf.example</A><BR /> <A href="http://docs.splunk.com/Documentation/Splunk/6.6.2/Admin/Authorizeconf#authorize.conf.example" target="_blank">http://docs.splunk.com/Documentation/Splunk/6.6.2/Admin/Authorizeconf#authorize.conf.example</A></P> <P>$SPLUNK_HOME/etc/system/local/authentication.conf </P> <H4>Sample Configuration for Active Directory (AD)</H4> <P>[authentication]<BR /> authSettings = AD<BR /> authType = LDAP</P> <P>[AD]<BR /> SSLEnabled = 1<BR /> bindDN = <A href="mailto:ldap_bind@splunksupport.kom" target="_blank">ldap_bind@splunksupport.kom</A><BR /> bindDNpassword = ldap_bind_user_password<BR /> groupBaseDN = CN=Groups,DC=splunksupport,DC=kom<BR /> groupBaseFilter =<BR /> groupMappingAttribute = dn<BR /> groupMemberAttribute = member<BR /> groupNameAttribute = cn<BR /> host = ADbogus.splunksupport.kom<BR /> port = 636<BR /> realNameAttribute = cn<BR /> userBaseDN = CN=Users,DC=splunksupport,DC=kom<BR /> userBaseFilter =<BR /> userNameAttribute = sAMAccountName<BR /> timelimit = 15<BR /> network_timeout = 20<BR /> anonymous_referrals = 0</P> <P>[roleMap_AD]<BR /> admin = SplunkAdmins<BR /> power = SplunkPowerUsers<BR /> user = SplunkUsers<BR /> new_user = adgroupnewuser;adgroupnewuser1 ### AD group name</P> <P>$SPLUNK_HOME/etc/system/local/authorize.conf</P> <P>[role_new_user]<BR /> rtsearch = enabled<BR /> importRoles = user<BR /> srchFilter = host=foo<BR /> srchIndexesAllowed = *<BR /> srchIndexesDefault = mail;main<BR /> srchJobsQuota = 8<BR /> rtSrchJobsQuota = 8<BR /> srchDiskQuota = 500</P> <P>I hope this helps</P> Tue, 29 Sep 2020 17:10:14 GMT https://community.splunk.com/t5/Security/grant-access-to-splunk/m-p/330565#M8466 sbbadri 2020-09-29T17:10:14Z