Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Add LDAP user

jgauthier
Contributor
‎01-10-2012 06:31 AM

Greetings,

I've set up LDAP authentication for my splunk installation. I would like to be able to add users specifically, but it appears when I do role mapping, I can only do groups.

How can I specify a user to a role?

Tags (2)
0 Karma
Reply

lesterw1
Engager
‎02-29-2012 08:53 AM

I set up LDAP to filter the list of group names displayed by using the filter: (cn=splunk)
Set up a security group for each role that you want (e.g., splunk_admins, splunk_users).

Or you can use the "Maps_users_directly_to_roles" technique... This didn't work for us as we have too many users and our LDAP heirachy is pretty flat (i.e., we don't have an OU=IT_Dept).

The problem I am running into is users within the groups still cannot log in, even though they are listed within the groups in LDAP Strategy. 😞

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎01-10-2012 01:53 PM

Briefly, to add a user to a Splunk role: First, On Splunk Web make sure that you've mapped the Splunk role to an LDAP group. Then, on your LDAP server, add the user to that LDAP group. See http://docs.splunk.com/Documentation/Splunk/5.0.2/Security/SetupuserauthenticationwithLDAP for more information about LDAP strategies, managing users using LDAP, and LDAP configuration.

Reply

ChrisG
Splunk Employee
Splunk Employee
‎03-21-2013 02:33 PM

Ah, sorry: http://docs.splunk.com/Documentation/Splunk/5.0.2/Security/ConfigureLDAPwithconfigurationfiles#Map_u...

0 Karma
Reply

rettops
Path Finder
‎03-21-2013 02:25 PM

Just to clarify ... I don't want a pointer to the regular LDAP setup docs. I want a point to whatever document explains how to 'Map_users_directly_to_roles' rather than setting up an LDAP group for each role that we need.

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎03-21-2013 02:18 PM

I've updated the links in my answer and comment, hope this gives you what you need.

0 Karma
Reply

rettops
Path Finder
‎03-21-2013 01:57 PM

That document sounds like exactly what I need to solve the same problem described here. However I can't find it. Can anyone post a new link?

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎01-10-2012 02:26 PM

Okay, I understand the question better now. Here's the current documentation topic about managing users using LDAP:

http://docs.splunk.com/Documentation/Splunk/5.0.2/Security/ManageSplunkuserroleswithLDAP

Hope this helps.

0 Karma
Reply

sanderso67
New Member
‎01-10-2012 02:03 PM

Agreed - in my splunk instance, there are over 40 applications and it is not practical to create individual LDAP groups for all possible one-offs that will occur. I would prefer to take a user assigned to a particular LDAP group, and augment their privs. (Sorry to piggyback on your thread, but I think we are asking the same thing)

0 Karma
Reply

jgauthier
Contributor
‎01-10-2012 01:54 PM

That works, but it potentially gives anyone else in that group access as well. That is not preferred.

0 Karma
Reply

sanderso67
New Member
‎01-10-2012 01:18 PM

Ditto - I was combing SplunkBase for the same question

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

Hello Splunkers,  We’re excited to kick off a Splunk Dashboard contest! We know that dashboards are a primary ...

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...