Security
Provide Splunk Cloud feedback in this confidential UX survey by June 17
for a chance to win a $200 Amazon gift card!

Account lockout when using LDAP authentication for users?

chris_barrett
Path Finder

We have our authentication tied to AD using the LDAP strategy.   Password complexity and lifetime is, as a result, handled by the requirements set by the AD Group Policy.  But what about failed login attempts?  If a user manages to type in their password incorrectly multiple times (or worse, someone tries to incorrectly guess a user's password multiple times), will it cause their account to become locked within Splunk (and possibly within the underlying OS too?)

Labels (2)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

If someone is locked out of their LDAP account then they are also locked out of Splunk.  However, Splunk is unaware of that.  I merely asks the LDAP server if the user is authenticated and if the server responds with "no" then they are not allowed in.

The 'admin' user still has access to Splunk, however, since it is a local account.

If your OS also uses LDAP then the same applies there as well.

---
If this reply helps you, an upvote would be appreciated.
0 Karma

chris_barrett
Path Finder

But what if the user (or someone else) types in the user's id and then fails to enter the correct password multiple times.  Will the account become locked out? 

The specific situation here is that the authentication is tied to the client's AD.    If the wrong password is typed in for a user on the Splunk login page multiple (let's say 10 times), will the account become locked either within Splunk, or within AD, or both, or neither?

 

0 Karma

soutamo
SplunkTrust
SplunkTrust
Easiest way to check how it is configured on your environment is asking from your ad admins and/or just test it. I think that it depends how it is configured.
r. Ismo
0 Karma
Take the 2021 Splunk Career Survey

Help us learn about how Splunk has
impacted your career by taking the 2021 Splunk Career Survey.

Earn $50 in Amazon cash!