Security

I can't login with AD credentials even if LDAP users are in mapped role

jlford30
Explorer

So I finally got LDAP strategy to work. NOw in Actions > Map Groups I can see the OU's I set up under LDAP Group Name. I see the LDAP Users populated with users from the OU for each LDAP Group Name. However, I cannot log in with the associated role, even if the user is seen in the LDAP users box and the selected role has all for roles selected. Am I missing something?

[authentication]

authSettings = AD LDAP

authType = LDAP

[AD LDAP]

SSLEnabled = 1

anonymous_referrals = 1

bindDN = CN=[username],OU=[Service Account OU],DC=[sub-domain],DC=[TLD]

bindDNpassword = [password]

charset = utf8

groupBaseDN = OU=[group OU name],DC=[sub-domain],DC=[TLD]

groupMappingAttribute = member

groupMemberAttribute = member

groupNameAttribute = name

host = [hostname]

nestedGroups = 0

network_timeout = 20

port = 636

realNameAttribute = cn

sizelimit = 1000

timelimit = 15

userBaseDN = OU=[Users OU name],OU=[Group OU name],DC=[sub-domain],DC=[TLD]

userNameAttribute = samaccountname

[roleMap_AD LDAP]

admin = [OU that has admin role]

can_delete = [OU that has can_delete role]

power = [OU that has power role]

user = [OU's with user role]

Tags (2)
0 Karma

jlford30
Explorer

groupNameAttribute = cn
Static member attribute = member

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...