Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

If users are no longer part of Active Directory and cannot authenticate, can we do a Reload Authentication Configuration?

abhijit_mhatre
Path Finder
‎10-24-2016 10:02 AM

If users are no longer part of Active Directory & cannot authenticate, can we do a Reload Authentication Configuration?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

rdimri_splunk
Splunk Employee
Splunk Employee
‎10-24-2016 12:17 PM

Splunk basic authentication should still work, if you create a user in splunk (or better use admin user) with admin privileges, then local authentication takes priority over ldap. You should be able to reload authentication with that user

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

rdimri_splunk
Splunk Employee
Splunk Employee
‎10-24-2016 12:17 PM

Splunk basic authentication should still work, if you create a user in splunk (or better use admin user) with admin privileges, then local authentication takes priority over ldap. You should be able to reload authentication with that user

0 Karma
Reply
Solved! Jump to solution

abhijit_mhatre
Path Finder
‎10-25-2016 07:21 AM

Does the reloading the configuration option would place all the users currently mapped from LDAP into correct roles as they are now?
The main purpose of reloading the configuration would be able to clear some errors we are seeing in regards to users no longer being part of AD or should we exclude these errors.

The errors are as follows:
1) AuthenticationManagerLDAP Error
Could not find user="abc" with strategy="AD_Adhoc"

2) UserManagerPro Error
Failed to get LDAP user="pqr" from any configured errors.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

 Prepare to elevate your security operations with the powerful upgrade to Splunk Enterprise Security 8.x! This ...

Get Early Access to AI Playbook Authoring: Apply for the Alpha Private Preview ...

Passionate about security automation? Apply now to our AI Playbook Authoring Alpha private preview ...

Reduce and Transform Your Firewall Data with Splunk Data Management

Managing high-volume firewall data has always been a challenge. Noisy events and verbose traffic logs often ...