Security
Highlighted

How can I use LDAP for password authentication, but use Splunk internal roles management to assign roles?

Engager

Dear Splunk community,
How can use LDAP for password authentication only but use Splunk internal roles management to assign these users to appropriate roles ?

Highlighted

Re: How can I use LDAP for password authentication, but use Splunk internal roles management to assign roles?

Communicator

Never used it, but apparently you can map users directly to roles (according to documentation):
http://docs.splunk.com/Documentation/Splunk/6.1.3/Security/MapLDAPgroupsanduserstoSplunkroles#Map_us...

Personally, I've only ever used Active Directory as the 'back-end LDAP', and generally map Distribution Lists / Security Groups from there to Splunk roles.

View solution in original post

Highlighted

Re: How can I use LDAP for password authentication, but use Splunk internal roles management to assign roles?

Splunk Employee
Splunk Employee

Correct. Basically, when configuring LDAP, in the sections when asking to define "groups" you simply define each user to be its own group, as described in the linked document. Then when you go into mapping Splunk roles to LDAP groups, you will find that each "group" is actually a single user.

0 Karma
Highlighted

Re: How can I use LDAP for password authentication, but use Splunk internal roles management to assign roles?

Motivator

??????? what?

0 Karma
Highlighted

Re: How can I use LDAP for password authentication, but use Splunk internal roles management to assign roles?

Engager

Thank you very much for your help.

0 Karma