Security

How do i add a role to user in splunk as it appears to be greyed out, though am admin

srikanth1213
Path Finder

I wanted to add additional role to the existing user and when I do it through available roles it does not allow me as they appear to be greyed out..kindly help

Tags (1)
0 Karma

lguinn2
Legend

If you are not using search head clustering (SHC), you should be able to do this directly in the user interface - maybe!
If you are using LDAP authentication, then the role for a particular user (lguinn for example) is set by the mapping between the LDAP group and the Splunk roles. To change the role of a particular user, you would need to change their LDAP group membership.
If you are using Splunk native authentication, then you should be able to simply give the user as many roles as you like via the Splunk user interface.
If you are trying to edit the existing role named user (and not a particular user), then: You may not be able to make the user role inherit from other roles if it would cause a circular definition (and it probably will.)

My guess is that you are trying to change the role assignment of a user who authenticates via LDAP...

0 Karma

somesoni2
Revered Legend

Are you using SHC in your search head?

0 Karma

srikanth1213
Path Finder

I did not quite understand that ...can you please elaborate.

0 Karma

somesoni2
Revered Legend

Are you using Search Head Clustering? Also, are you using LDAP authentication? In both cases the role assignment is disabled, even for admin. (they are being controlled elsewhere, in conf file on deployer for SHC and by LDAP group association for LDAP authentication).

0 Karma

srikanth1213
Path Finder

We are using LDAP authentication and its a not a cluster ..so as I understand from your statement ,they are controlled else where..thank you.
Also can you answer me if this the best practice that admin has no rights to edit the role ?

0 Karma

somesoni2
Revered Legend

I would say yes, in LDAP authentication, the role a user is assigned to is controlled by the AD group that user has associated with. As an admin, you can still modify the Role, but you can't modify the role assignment for a user.

0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...