Hi,
How will Splunk handle users who are part of two different Active Directory groups that are used for authentication?
They will have both roles applied. Assuming both groups are mapped to different roles.
Don't forget that if we're talking about two different strategies, there are precent orders amongst them so one has a higher priority than the other.
Thanks. If I have a filter for each role, how is that applied? AND/OR?
You mean an LDAP filter? Can you provide an example?
LDAP filters only affect the LDAP strategy they're "placed" on. So if the filter excluded the user from one strategy and not the other, then "the other" role would be the only one that applied.
