Security

How do i add a role to user in splunk as it appears to be greyed out, though am admin

srikanth1213
Path Finder

I wanted to add additional role to the existing user and when I do it through available roles it does not allow me as they appear to be greyed out..kindly help

Tags (1)
0 Karma

lguinn2
Legend

If you are not using search head clustering (SHC), you should be able to do this directly in the user interface - maybe!
If you are using LDAP authentication, then the role for a particular user (lguinn for example) is set by the mapping between the LDAP group and the Splunk roles. To change the role of a particular user, you would need to change their LDAP group membership.
If you are using Splunk native authentication, then you should be able to simply give the user as many roles as you like via the Splunk user interface.
If you are trying to edit the existing role named user (and not a particular user), then: You may not be able to make the user role inherit from other roles if it would cause a circular definition (and it probably will.)

My guess is that you are trying to change the role assignment of a user who authenticates via LDAP...

0 Karma

somesoni2
SplunkTrust
SplunkTrust

Are you using SHC in your search head?

0 Karma

srikanth1213
Path Finder

I did not quite understand that ...can you please elaborate.

0 Karma

somesoni2
SplunkTrust
SplunkTrust

Are you using Search Head Clustering? Also, are you using LDAP authentication? In both cases the role assignment is disabled, even for admin. (they are being controlled elsewhere, in conf file on deployer for SHC and by LDAP group association for LDAP authentication).

0 Karma

srikanth1213
Path Finder

We are using LDAP authentication and its a not a cluster ..so as I understand from your statement ,they are controlled else where..thank you.
Also can you answer me if this the best practice that admin has no rights to edit the role ?

0 Karma

somesoni2
SplunkTrust
SplunkTrust

I would say yes, in LDAP authentication, the role a user is assigned to is controlled by the AD group that user has associated with. As an admin, you can still modify the Role, but you can't modify the role assignment for a user.

0 Karma
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...