Security

After mapping groups to roles configuring Splunk to allow LDAP authentication, why am I unable to log in with any of those users?

Path Finder

I'm trying to configure Splunk to allow LDAP authentication. I select "Configure Splunk to use LDAP and map groups" and then complete the LDAP strategy. I then select Map groups and map roles to groups. I am currently using one group as a test that has two users in it. I can see all the groups and my target group. I select my target group and give them a role. For testing purposes, I gave them the power role. I saved, backed out, and checked the user section, but they were not there. I reloaded authentication configuration and they were still not there. When I attempt to login with one of those users I receive the following errors:

-0400 ERROR UserManagerPro - LDAP Login Failed, could not find a valid user="xxx" on any configured servers
-0400 ERROR AuthenticationManagerLDAP - Could not find user ="xxx" with strategy="LDAP"

Also watching TCPdump on the server I can see the traffic going to the LDAP server while attempting to log in.

In short, I mapped groups to roles, but I am unable to login with any of those users.

0 Karma
1 Solution

Path Finder

The OU for the user base was changed to Domain Admins, and now it works.

View solution in original post

0 Karma
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!