Hello:
We currently have an LDAP based authentication scheme in Splunk Ver 7.1. We're exploring to Single Sign-On (SSO) enable Splunk using Forgerock AM ver 5.5 through Security Assertion Markup Language (SAML).
Same LDAP backend will be used either using LDAP authentication scheme or SAML. Given, following are completed:
Error appears as "Saml response does not contain group information." although configured authentication.conf as outlined in https://www.splunk.com/blog/2016/09/21/moving-from-ldap-to-saml-authentication.html
Why does the group information need to be passed when LDAP is a common backend? In other words, is there a way to map Splunk roles to groups?
Regards