this is doable with couple of steps. Basically you are needing couple of things:
- AD / Kerberos server
- Splunk running on Linux server(s)
- working kerberos config on those linux host
- Apache with
- reverse proxy
- Some Splunk configuration
On SHC you can create own TA-sso-w-apache for those splunk configs (web.conf + server.conf). If I recall right currently the one can put those server.conf part to web.conf, but please check it from documentation.
That is quite similar what we are using in SHC cluster.