Re: Default access when using LDAP authentication

micwhite · ‎10-04-2012

I would like for anyone who successfully authenticates against LDAP to get a default level of access to Splunk. However, I don't have an "all users" group that I can map to a role defining this level of access. Is there a way achieve this?

alacercogitatus · ‎10-04-2012

There is a workaround in the docs (I think it will work, but haven't tried it).
http://docs.splunk.com/Documentation/Splunk/4.3.4/admin/SetUpUserauthenticationwithLDAP

Look under Configure LDAP through Splunk Web -> Create an LDAP Strategy -> Number 18.
The second bullet point takes note that not all environments have groups, so you can set the "group" to be a "user" and then assign a role based on that group. I haven't played with this at all, but might point you in the right direction.

micwhite · ‎10-04-2012

Thanks. Thinking through this, as users logged in, I'd end up with a bunch of "~groups~". But how would they get mapped to a role? Would they get mapped to the user role by default?

deanilol · ‎04-22-2015

Did you find an answer? I'm looking for exactly the same thing!!

Default access when using LDAP authentication

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Monitoring AI Agents with Splunk Observability Cloud

[Puzzles] Solve, Learn, Repeat: Tiling

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

Join the Conversation