Reporting
Highlighted

After turning on Okta SAML authentication, saved searches and reports are no longer available

Explorer

Since i moved authentication from LDAP to SAML, $SPLUNK_HOME/etc/users has a bunch of new username@our.domain directories (the old username directories are still there). What's the best way (migrating the contents of username to username@our.domain? or changing a setting so username settings go back to how they were? something else?) to fix this?

0 Karma
Highlighted

Re: After turning on Okta SAML authentication, saved searches and reports are no longer available

Explorer

Hi @ronerf
I've had the same issue as you when I changed the authentication from LDAP to SAML.
My solution was to reassign the Knowledge Objects to the new naming schema because it was only for a couple of users.
I don't know how Okta works but it's generally possible for IDPs to change the way, a username is send to Splunk.

Maybe the Okta Support can help you changing the transfered username or you reassign the Knowledge Objects manually.

Kind regards,
Dennis