Security

How can I use LDAP for password authentication, but use Splunk internal roles management to assign roles?

tohassan
Engager

Dear Splunk community,
How can use LDAP for password authentication only but use Splunk internal roles management to assign these users to appropriate roles ?

1 Solution

srioux
Communicator

Never used it, but apparently you can map users directly to roles (according to documentation):
http://docs.splunk.com/Documentation/Splunk/6.1.3/Security/MapLDAPgroupsanduserstoSplunkroles#Map_us...

Personally, I've only ever used Active Directory as the 'back-end LDAP', and generally map Distribution Lists / Security Groups from there to Splunk roles.

View solution in original post

srioux
Communicator

Never used it, but apparently you can map users directly to roles (according to documentation):
http://docs.splunk.com/Documentation/Splunk/6.1.3/Security/MapLDAPgroupsanduserstoSplunkroles#Map_us...

Personally, I've only ever used Active Directory as the 'back-end LDAP', and generally map Distribution Lists / Security Groups from there to Splunk roles.

View solution in original post

tohassan
Engager

Thank you very much for your help.

0 Karma

gkanapathy
Splunk Employee
Splunk Employee

Correct. Basically, when configuring LDAP, in the sections when asking to define "groups" you simply define each user to be its own group, as described in the linked document. Then when you go into mapping Splunk roles to LDAP groups, you will find that each "group" is actually a single user.

0 Karma

nick405060
Motivator

??????? what?

0 Karma
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!