Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Add LDAP user

jgauthier
Contributor
‎01-10-2012 06:31 AM

Greetings,

I've set up LDAP authentication for my splunk installation. I would like to be able to add users specifically, but it appears when I do role mapping, I can only do groups.

How can I specify a user to a role?

Tags (2)
0 Karma
Reply

lesterw1
Engager
‎02-29-2012 08:53 AM

I set up LDAP to filter the list of group names displayed by using the filter: (cn=splunk)
Set up a security group for each role that you want (e.g., splunk_admins, splunk_users).

Or you can use the "Maps_users_directly_to_roles" technique... This didn't work for us as we have too many users and our LDAP heirachy is pretty flat (i.e., we don't have an OU=IT_Dept).

The problem I am running into is users within the groups still cannot log in, even though they are listed within the groups in LDAP Strategy. 😞

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎01-10-2012 01:53 PM

Briefly, to add a user to a Splunk role: First, On Splunk Web make sure that you've mapped the Splunk role to an LDAP group. Then, on your LDAP server, add the user to that LDAP group. See http://docs.splunk.com/Documentation/Splunk/5.0.2/Security/SetupuserauthenticationwithLDAP for more information about LDAP strategies, managing users using LDAP, and LDAP configuration.

Reply

ChrisG
Splunk Employee
Splunk Employee
‎03-21-2013 02:33 PM

Ah, sorry: http://docs.splunk.com/Documentation/Splunk/5.0.2/Security/ConfigureLDAPwithconfigurationfiles#Map_u...

0 Karma
Reply

rettops
Path Finder
‎03-21-2013 02:25 PM

Just to clarify ... I don't want a pointer to the regular LDAP setup docs. I want a point to whatever document explains how to 'Map_users_directly_to_roles' rather than setting up an LDAP group for each role that we need.

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎03-21-2013 02:18 PM

I've updated the links in my answer and comment, hope this gives you what you need.

0 Karma
Reply

rettops
Path Finder
‎03-21-2013 01:57 PM

That document sounds like exactly what I need to solve the same problem described here. However I can't find it. Can anyone post a new link?

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎01-10-2012 02:26 PM

Okay, I understand the question better now. Here's the current documentation topic about managing users using LDAP:

http://docs.splunk.com/Documentation/Splunk/5.0.2/Security/ManageSplunkuserroleswithLDAP

Hope this helps.

0 Karma
Reply

sanderso67
New Member
‎01-10-2012 02:03 PM

Agreed - in my splunk instance, there are over 40 applications and it is not practical to create individual LDAP groups for all possible one-offs that will occur. I would prefer to take a user assigned to a particular LDAP group, and augment their privs. (Sorry to piggyback on your thread, but I think we are asking the same thing)

0 Karma
Reply

jgauthier
Contributor
‎01-10-2012 01:54 PM

That works, but it potentially gives anyone else in that group access as well. That is not preferred.

0 Karma
Reply

sanderso67
New Member
‎01-10-2012 01:18 PM

Ditto - I was combing SplunkBase for the same question

0 Karma
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...