Security

Determine which ldap groups are mapped to roles within Splunk

samuelrey
New Member

We are using ldap for authenticating groups to Splunk. Hundreds of groups listed on the ldap group page. How can I determine which groups are mapped to a role?

0 Karma
1 Solution

cpetterborg
SplunkTrust
SplunkTrust

Settings -> Access Controls -> Authentication Method -> Configure Splunk to use LDAP and map groups -> Map Groups (under Actions for your LDAP configuration)

The Roles column will show if there is a role mapped to the LDAP group.

Select the LDAP group and you can select the roles that are applied to the group.

View solution in original post

sjaworski
Communicator

Hi Samuelrey,

In Splunk 5.1.x
Navigate to Manager/Access Controls/Authentication method and click on "Configure Splunk to use LDAP and map groups"
Then select the "Map Groups" actions for your configured LDAP strategy.

The next view should give you the listing.

In Splunk 6.1.X and 6.2
Navigate to Settings/Access Controls/Authentication method and click on "Configure Splunk to use LDAP and map groups"
Then select the "Map Groups" actions for your configured LDAP strategy.

The next view should give you the listing.

cpetterborg
SplunkTrust
SplunkTrust

Settings -> Access Controls -> Authentication Method -> Configure Splunk to use LDAP and map groups -> Map Groups (under Actions for your LDAP configuration)

The Roles column will show if there is a role mapped to the LDAP group.

Select the LDAP group and you can select the roles that are applied to the group.

View solution in original post

cmeo
Contributor

I'm deploying in a large enterprise which has hundreds of groups, of which I'm interested in maybe half a dozen. So this method isn't terribly convenient.

Can we please have a filter to show just the currently mapped groups and roles, or some sort of report that does this?

0 Karma

samuelrey
New Member

Thanks cpetterborg - That helped. I ordered by Role to save me going through all the pages. This gave the groups that are mapped right at the top of the first page.

0 Karma
Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.