I have mapped an AD group to Splunk's admin role. However, users are still unable to login.
After a bit of researching, I realised (from User name attribute setting within Splunk's LDAP strategy configuration page), sAMAccountname's value in AD has to be case insensitive. However, after I looked up LDAP directory for the sAMAccountname's value, I noticed the user's username actually has some uppercase letters too.
I have spoken to the LDAP admin and he advised that its not possible to modify the username to all lower case.
In this case, can anyone please advise how I can resolve this issue ?
Why does it have that format in LDAP? When using other applications are your users using LDAP with lowercase usernames as well ?
Hi David, I am not sure why but they have had that format since ages and never faced any issues with any applications. They use the same format for other applications.
Can you create a test user all lowercase, put it into an authorised group and try to authenticate?
I somehow doubt that this is the problem.