Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

After configuring LDAP authentication with AD groups. Few users are unable to login although they belong to same AD group.

shashwatsandeep
New Member
‎10-22-2019 05:22 AM

We have newly setup the Splunk Environment in AWS platform where we have used LDAP authentication method and created AD groups to determine permission to users and login to Splunk Web.
The issue we are facing is some of the users can login into Splunk who belongs to the AD group and some are unable to login although they belong to the same AD group with same permissions.
We are in Splunk Enterprise version 7.3.0
Can someone please suggest a possible solution for this.

Tags (1)
0 Karma
Reply

Wcd4v
New Member
‎10-25-2019 10:29 PM

So, with the users that cannot login, can you see their accounts in Splunk? If not, then the problem is with Splunk syncing with AD to create those accounts. I have seen before where if there aren't certain fields filled out in AD for users then their accounts won't sync, thus not be created in Splunk (maybe the Full Name field?). I would just compare one user that is working and one that isn't in AD and see if there are any empty field values.

0 Karma
Reply
Get Updates on the Splunk Community!

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...

Updated Team Landing Page in Splunk Observability

We’re making some changes to the team landing page in Splunk Observability, based on your feedback. The ...