Security

How do i add a role to user in splunk as it appears to be greyed out, though am admin

srikanth1213
Path Finder

I wanted to add additional role to the existing user and when I do it through available roles it does not allow me as they appear to be greyed out..kindly help

Tags (1)
0 Karma

lguinn2
Legend

If you are not using search head clustering (SHC), you should be able to do this directly in the user interface - maybe!
If you are using LDAP authentication, then the role for a particular user (lguinn for example) is set by the mapping between the LDAP group and the Splunk roles. To change the role of a particular user, you would need to change their LDAP group membership.
If you are using Splunk native authentication, then you should be able to simply give the user as many roles as you like via the Splunk user interface.
If you are trying to edit the existing role named user (and not a particular user), then: You may not be able to make the user role inherit from other roles if it would cause a circular definition (and it probably will.)

My guess is that you are trying to change the role assignment of a user who authenticates via LDAP...

0 Karma

somesoni2
Revered Legend

Are you using SHC in your search head?

0 Karma

srikanth1213
Path Finder

I did not quite understand that ...can you please elaborate.

0 Karma

somesoni2
Revered Legend

Are you using Search Head Clustering? Also, are you using LDAP authentication? In both cases the role assignment is disabled, even for admin. (they are being controlled elsewhere, in conf file on deployer for SHC and by LDAP group association for LDAP authentication).

0 Karma

srikanth1213
Path Finder

We are using LDAP authentication and its a not a cluster ..so as I understand from your statement ,they are controlled else where..thank you.
Also can you answer me if this the best practice that admin has no rights to edit the role ?

0 Karma

somesoni2
Revered Legend

I would say yes, in LDAP authentication, the role a user is assigned to is controlled by the AD group that user has associated with. As an admin, you can still modify the Role, but you can't modify the role assignment for a user.

0 Karma
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

WATCH NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If exploited, ...

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

The Splunk Community Dashboard Challenge is underway! This is your chance to showcase your skills in creating ...

.conf24 | Session Scheduler is Live!!

.conf24 is happening June 11 - 14 in Las Vegas, and we are thrilled to announce that the conference catalog ...