Re: Default access when using LDAP authentication

micwhite · ‎10-04-2012

I would like for anyone who successfully authenticates against LDAP to get a default level of access to Splunk. However, I don't have an "all users" group that I can map to a role defining this level of access. Is there a way achieve this?

alacercogitatus · ‎10-04-2012

There is a workaround in the docs (I think it will work, but haven't tried it).
http://docs.splunk.com/Documentation/Splunk/4.3.4/admin/SetUpUserauthenticationwithLDAP

Look under Configure LDAP through Splunk Web -> Create an LDAP Strategy -> Number 18.
The second bullet point takes note that not all environments have groups, so you can set the "group" to be a "user" and then assign a role based on that group. I haven't played with this at all, but might point you in the right direction.

micwhite · ‎10-04-2012

Thanks. Thinking through this, as users logged in, I'd end up with a bunch of "~groups~". But how would they get mapped to a role? Would they get mapped to the user role by default?

deanilol · ‎04-22-2015

Did you find an answer? I'm looking for exactly the same thing!!

Default access when using LDAP authentication

Splunk Platform | Upgrading your Splunk Deployment to Python 3.9

From Product Design to User Insights: Boosting App Developer Identity on Splunkbase

Detect and Resolve Issues in a Kubernetes Environment