Working LDAP where i can map LDAP groups to roles.
[XYZ Corporate AD]
SSLEnabled = 1
anonymous_referrals = 1
bindDN = CN=a1dpsapacheuser,OU=Administrative,DC=CORP,DC=XYZ,DC=com
bindDNpassword = password
charset = utf8
emailAttribute = mail
groupBaseDN = OU=Groups,OU=Location Corporate,OU=ABC,DC=CORP,DC=XYZ,DC=com
groupMappingAttribute = dn
groupMemberAttribute = member
groupNameAttribute = cn
host = x.x.x.x
nestedGroups = 0
network_timeout = -1
port = 636
realNameAttribute = givenname
sizelimit = 1000000
timelimit = 29
userBaseDN = OU=ABC,DC=CORP,DC=XYZ,DC=com
userNameAttribute = samaccountname
[roleMap_XYZ Corporate AD]
admin = XYZ - Admin Splunk Distribution
splunkuser = GlobalUsers
[authentication]
authSettings = XYZ Corporate AD
authType = LDAP
Trying to achieve, LDAP map users to Roles. I have followed
http://answers.splunk.com/answers/43842/mapping-ldap-user-to-roles-matched-groups-are-not-found-in-r... &
http://docs.splunk.com/Documentation/Splunk/6.2.0/Security/ConfigureLDAPwithconfigurationfiles as is but no luck. Here's the config i came up with
[XYZ Corporate AD]
SSLEnabled = 1
anonymous_referrals = 1
bindDN = CN=a1dpsapacheuser,OU=Administrative,DC=CORP,DC=XYZ,DC=com
bindDNpassword = password
charset = utf8
emailAttribute = mail
groupBaseDN = OU=ABC,DC=CORP,DC=XYZ,DC=com
groupBaseFilter = (|(samaccountname=*))
groupMappingAttribute = samaccountname
groupMemberAttribute = samaccountname
groupNameAttribute = samaccountname
host = x.x.x.x
nestedGroups = 0
network_timeout = -1
port = 636
realNameAttribute = cn
sizelimit = 1000000
timelimit = 29
userBaseDN = OU=ABC,DC=CORP,DC=XYZ,DC=com
userNameAttribute = samaccountname
[roleMap_XYZ Corporate AD]
newadmin = rgomatha
[authentication]
authSettings = XYZ Corporate AD
authType = LDAP
And i can't login. Is it because we have too many groups? I am sure more than 1000! What am i doing wrong?
Thanks in advance!
Regards,
Raghav
Looks like i have to go with AD groups to Splunk roles instead of Users to Splunk roles for lot of reasons.
Thanks to Charlie for adding weight to the approach 1