Deployment Architecture

Splunk Search Head Integration with SAML

keishamtcs
Engager

Hi All,

I have 4 SH cluster members for which i have to integrate SAML. Our AD team is asking the below information reply URL.

Do i need to give all the 4 url ?
Also do i need to configure the SAML on all 4 SH UI ? please do share your thoughts.

SAML-based Sign-on Attributes Value -

Reply URL (Assertion Consumer Service URL)

https://searchhead1.group.com/saml/acs
https://searchhead2.group.com/saml/acs
https://searchhead3.group.com/saml/acs
https://searchhead4.group.com/saml/acs

Labels (2)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

I don't have an answer for the Reply URL, but yes, you need to configure SAML on all SHs. Don't use the UI, however, push an app from your deployer.

---
If this reply helps you, Karma would be appreciated.
0 Karma

keishamtcs
Engager

Thanks..can you please give some pointer on how to use as an app for the SAML config?

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Perhaps the easiest way is first to configure SAML on your deployer. Then copy the $SPLUNK_HOME/etc/system/local/authentication.conf file to $SPLUNK_HOME/etc/shcluster/apps/org_SAML_auth/default. Use the splunk apply shcluster-bundle command to send the app to SHC members. After that is done you can turn off SAML on the deployer, if you wish.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

How I Instrumented a Rust Application Without Knowing Rust

As a technical writer, I often have to edit or create code snippets for Splunk's distributions of ...

Splunk Community Platform Survey

Hey Splunk Community, Starting today, the community platform may prompt you to participate in a survey. The ...

Observability Highlights | November 2022 Newsletter

 November 2022Observability CloudEnd Of Support Extension for SignalFx Smart AgentSplunk is extending the End ...