Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to change the default role when creating a new user?

ejharts2015
Communicator
‎01-17-2017 10:41 AM

By default when a new user is created, the role of "user" is auto assigned to them. I would like to add another default role so new users will automatically have two roles assigned to them.

For example:
Let say we have a role based on office location, so I want to have when I create a new user to auto add the "user" role and the "office_location" role to that new user, so I don't have to select the "office_location" role from the list while I'm creating them.

Which config would these changes be made in?

Thanks!

0 Karma
Reply

woodcock
Esteemed Legend
‎01-17-2017 05:05 PM

Edit $SPLUNK_HOME/etc/system/local/authorize.conf and add these lines:

[role_user]
importRoles = YourOtherRoleNameHere
0 Karma
Reply

somesoni2
Revered Legend
‎01-17-2017 11:59 AM

What is the authentication method that you're using? Native Splunk built-in authentication, LDAP or anything else?

0 Karma
Reply

ejharts2015
Communicator
‎01-17-2017 01:41 PM

We use okta authentication.

0 Karma
Reply

somesoni2
Revered Legend
‎01-17-2017 01:45 PM

In authorize.conf, there will be mapping of SAML groups to roles. A users will be part of some default SAML group, just update it's mapping in authotize.conf to include all the roles that you want to assign by default.

0 Karma
Reply

ejharts2015
Communicator
‎01-17-2017 11:14 AM

Yeah that's where the roles are but how you do you define what roles a new user starts with?

0 Karma
Reply

ddrillic
Ultra Champion
‎01-17-2017 12:09 PM

via importRoles = power;userin authorize.conf...

0 Karma
Reply

ejharts2015
Communicator
‎01-17-2017 01:40 PM

I understand that. I want to create a new user -> and have it pick both the user role and another role I need to define somewhere.

Lets say for example we have a role based on office location, so I want to have when I create a new user to auto add the "user" role and the "office_location" role.

I don't want to add the "user" role to another role. We already have that capability.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...