Security
Highlighted

How to change the default role when creating a new user?

Communicator

By default when a new user is created, the role of "user" is auto assigned to them. I would like to add another default role so new users will automatically have two roles assigned to them.

For example:
Let say we have a role based on office location, so I want to have when I create a new user to auto add the "user" role and the "officelocation" role to that new user, so I don't have to select the "officelocation" role from the list while I'm creating them.

Which config would these changes be made in?

Thanks!

0 Karma
Highlighted

Re: How to change the default role when creating a new user?

Super Champion
0 Karma
Highlighted

Re: How to change the default role when creating a new user?

Communicator

Yeah that's where the roles are but how you do you define what roles a new user starts with?

0 Karma
Highlighted

Re: How to change the default role when creating a new user?

Ultra Champion

via importRoles = power;userin authorize.conf...

0 Karma
Highlighted

Re: How to change the default role when creating a new user?

Communicator

I understand that. I want to create a new user -> and have it pick both the user role and another role I need to define somewhere.

Lets say for example we have a role based on office location, so I want to have when I create a new user to auto add the "user" role and the "office_location" role.

I don't want to add the "user" role to another role. We already have that capability.

0 Karma
Highlighted

Re: How to change the default role when creating a new user?

SplunkTrust
SplunkTrust

What is the authentication method that you're using? Native Splunk built-in authentication, LDAP or anything else?

0 Karma
Highlighted

Re: How to change the default role when creating a new user?

Communicator

We use okta authentication.

0 Karma
Highlighted

Re: How to change the default role when creating a new user?

SplunkTrust
SplunkTrust

In authorize.conf, there will be mapping of SAML groups to roles. A users will be part of some default SAML group, just update it's mapping in authotize.conf to include all the roles that you want to assign by default.

0 Karma
Highlighted

Re: How to change the default role when creating a new user?

Esteemed Legend

Edit $SPLUNK_HOME/etc/system/local/authorize.conf and add these lines:

[role_user]
importRoles = YourOtherRoleNameHere
0 Karma