Can I use an app in etc/apps to contain authentication data for use on all my search heads - via search head pooling?
Sort of. This works the same if the app is deployed to etc/apps via Deployment Server as well:
Sort of. This works the same if the app is deployed to etc/apps via Deployment Server as well:
If all servers happen to have the same $SPLUNK_HOME/etc/auth/splunk.secret
file, you don't need to have independent bindDN hashes. But be aware that changing out a splunk.secret
file will require changing any other files hashed with that file to match.