Solved: LDAP and Search Head Pooling - Role Mapping

Steve_Litras · ‎07-20-2011

I'm trying to use an approach like Search Head Pooling to share auth info to set up search head pooling. I'm thinking that I can keep my LDAP config in system/local (with the respective hashes), and then just set up a separate app for the role mappings. I just tested this by dumping the role mapping into the search app on the share storage, and it seems to work fine.

However, my question is, if I basically decide to manage all role mapping in a separate app, what's the easiest way to tell both search heads to re-read that (other than splunk restart)? I don't see anything about authentication in the app.conf triggers setup...

Thanks
Steve

gr · ‎07-20-2011

I don't believe there's any better way than that detailed here:

splunk _internal call /authentication/providers/services/_reload -auth admin:changeme

Potentially via cron, of course.

(Users are checked against the LDAP server when they login as of 4.1.x, but it's certainly been my experience than groups, and thus mappings to roles, are not as af 4.2.2.)

View solution in original post

gr · ‎07-20-2011

I don't believe there's any better way than that detailed here:

splunk _internal call /authentication/providers/services/_reload -auth admin:changeme

Potentially via cron, of course.

(Users are checked against the LDAP server when they login as of 4.1.x, but it's certainly been my experience than groups, and thus mappings to roles, are not as af 4.2.2.)

LDAP and Search Head Pooling - Role Mapping

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases