I have mapped an AD group to Splunk's admin role. However, users are still unable to login.
After a bit of researching, I realised (from User name attribute setting within Splunk's LDAP strategy configuration page), sAMAccountname's value in AD has to be case insensitive. However, after I looked up LDAP directory for the sAMAccountname's value, I noticed the user's username actually has some uppercase letters too.
I have spoken to the LDAP admin and he advised that its not possible to modify the username to all lower case.
In this case, can anyone please advise how I can resolve this issue ?