Security
Highlighted

AD mapped users unable to login to Splunk

Builder

I have mapped an AD group to Splunk's admin role. However, users are still unable to login.

After a bit of researching, I realised (from User name attribute setting within Splunk's LDAP strategy configuration page), sAMAccountname's value in AD has to be case insensitive. However, after I looked up LDAP directory for the sAMAccountname's value, I noticed the user's username actually has some uppercase letters too.

I have spoken to the LDAP admin and he advised that its not possible to modify the username to all lower case.

In this case, can anyone please advise how I can resolve this issue ?

Tags (2)
0 Karma
Highlighted

Re: AD mapped users unable to login to Splunk

SplunkTrust
SplunkTrust

Hi @damode,

Why does it have that format in LDAP? When using other applications are your users using LDAP with lowercase usernames as well ?

0 Karma
Highlighted

Re: AD mapped users unable to login to Splunk

Builder

Hi David, I am not sure why but they have had that format since ages and never faced any issues with any applications. They use the same format for other applications.

0 Karma
Highlighted

Re: AD mapped users unable to login to Splunk

SplunkTrust
SplunkTrust

Can you create a test user all lowercase, put it into an authorised group and try to authenticate?

I somehow doubt that this is the problem.

Skalli

0 Karma