Security

How to use email or User Principle Name (UPN) instead of the Active Directory login?

jhillenburg
Path Finder

We currently have our users log into Splunk using their Active Directory (AD) credentials, and specifically the SamAccountName field. In the LDAP strategies pane, there is an option for changing this field. I would like to use email or User Principle Name (UPN). Has anyone done this, and does it present a problem?

Thanks.

0 Karma

brreeves_splunk
Splunk Employee
Splunk Employee

Yes, you can set authentication.conf > userNameAttribute to either "mail" or "userPrincipalName" and login with either.

In my test setup (which I confirmed this in), my email address is the username for both, and after setting it to the respective values, I was able to log in both times.

http://docs.splunk.com/Documentation/Splunk/6.5.2/Admin/Authenticationconf#LDAP_settings

Get Updates on the Splunk Community!

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

The Splunk Community Dashboard Challenge is underway! This is your chance to showcase your skills in creating ...

.conf24 | Session Scheduler is Live!!

.conf24 is happening June 11 - 14 in Las Vegas, and we are thrilled to announce that the conference catalog ...

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...