Reporting

LDAP user to Role Mapping Greyed Out

AKG
Path Finder

Hi

We have a Situation where Reports need to be shared with in certain working group and My question is

1) Can we give a user(LDAP user) some right so that he/she can shared report to his/her own working group without Splunk Admin involving and at the same time this user doesn't have more right than necessary? If yes how could we do this?

2) Can we map a user from LDAP to a splunk Group? I have created a group in splunk and wanted to add AD user to this group so that this particular group can have access to certain reports/apps.

Problem I am having is when I double click on user Section where I should be able to assign role is greyed out. Is this what it supposed to be?

Note:- Currently I can assign AD(from LDAP) group to local Role but I wanted more granular than this i.e. to be able to select to an AD user not whole group. Is this possible?

Thank you

Tags (1)
1 Solution

martin_mueller
SplunkTrust
SplunkTrust

1) Create an app for a working group and add members of that group to a Splunk role that has write permissions for that app. Then members can share reports into that app for other members to see.

2) You can't map AD users to a Splunk role, that's what AD groups are for. If you want a single AD user to get a Splunk role you need to add that user to a group and map that group.

The list of users when mapping an AD group to a Splunk role is supposed to be greyed out. It's just and info to the admin, giving an idea whether he selected the correct AD group or not.

View solution in original post

martin_mueller
SplunkTrust
SplunkTrust

1) Create an app for a working group and add members of that group to a Splunk role that has write permissions for that app. Then members can share reports into that app for other members to see.

2) You can't map AD users to a Splunk role, that's what AD groups are for. If you want a single AD user to get a Splunk role you need to add that user to a group and map that group.

The list of users when mapping an AD group to a Splunk role is supposed to be greyed out. It's just and info to the admin, giving an idea whether he selected the correct AD group or not.

andrey2007
Contributor

Why I can't map AD users to a Splunk role?
according this doc it is really
http://docs.splunk.com/Documentation/Splunk/6.2.5/Security/MapLDAPgroupsanduserstoSplunkroles
Map users directly to roles

0 Karma

AKG
Path Finder

Thanks Martin

This is what I was looking for and all done.

0 Karma
Get Updates on the Splunk Community!

Technical Workshop Series: Splunk Data Management and SPL2 | Register here!

Hey, Splunk Community! Ready to take your data management skills to the next level? Join us for a 3-part ...

Spotting Financial Fraud in the Haystack: A Guide to Behavioral Analytics with Splunk

In today's digital financial ecosystem, security teams face an unprecedented challenge. The sheer volume of ...

Solve Problems Faster with New, Smarter AI and Integrations in Splunk Observability

Solve Problems Faster with New, Smarter AI and Integrations in Splunk Observability As businesses scale ...