Deployment Architecture

Why is reload deploy failing on SSO enabled system?

Nvijay92
Explorer

Hello Splunkers,

 

I'm facing an authentication issue with my splunk instance during the App deployment.

 

information about the infrastructure:

Splunk Enterprise is configured with SSO

My User account has Admin role

Splunk Service runs on Splunk user(Normal Setup as in the installation Doc)

No password has been configured for the Splunk user account

 

Issue:

Whenever i try to deploy app using

./splunk reload deploy-server

usually it asks my user id and password which is my Active Directory user id & password.

Since we have enabled SSO i'm unable to get authenticated and getting the below error,

Your session is invalid. Please login.
Splunk username: myid
Password:

An authentication error occurred: Client is not authenticated

 

Could someone help me on this issue as i'm new to deployment over SSO enabled system.

 

I have pretty much experiences with the normal apply deployment without SSO being enabled.

 

Thank you

Labels (1)
Tags (2)
0 Karma

VatsalJagani
SplunkTrust
SplunkTrust

@Nvijay92 , @faruqtx , @SinghK  - I don't think you can use SSO while running CLI commands which require authentication. Because SSO relies on the browser to perform authentication.

Alternatively, you can use a Native Splunk account or a direct LDAP authentication scheme.

https://docs.splunk.com/Documentation/SplunkCloud/8.2.2202/Security/SetupuserauthenticationwithSplun... 

0 Karma

SinghK
Builder

Just curious ...

How do you do a reload deploy server, do you do it as  splunk user or with your user ? Does your user have sudo rights?

 

0 Karma

faruqtx
Engager

We sudo to splunk users and use the Splunk user. It works perfectly fine if we are not using SSO. And we created local accounts and if we reload using local accounts (not active directory accounts), then it also works fine. 

0 Karma

faruqtx
Engager

Hi, just curious, were you able to ever figure this out? We have the same issue as we're implementing SSO too. 

If you have any followup on this, I would love to hear it. Thanks. 

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...