So I have two LDAP strategies setup for contractors. The strategies pulled the information in from AD and I have mapped each strategy to a Role. Now when I go to the Users tab, none of those users who are contractors show up. Regular users (employees) show up without issue but contractors who sit in a different OU within AD than employees do not. Any thoughts?
Note, I have checked splunkd.log and set the necessary logging profile to debug to no avail.
You shouldn't have to have separate LDAP strategies
In the Group base DN area or User base DN, Do you have each OU mapped out with a semicolon separating it? Like so
My employees and contractors resided in different OU. So it worked for me after expanding my userbaseDN to include OU=contractor.
I have a multiple LDAP strategies though, because we have users connecting from across the globe (UK/DE/Japan) to one search head instance. and each of these global regions have their own DCs and userbase.
What are your base filters? Within my organization we filtered by department to hasten the query but at the start ran into issues of a few members being added to a different department ID. If you are filtering on criteria, make sure that those values are all accounted for!
The easiest way to tell that this is the issue is when you go to map groups, the users show up there (you can see their OU and everything) but they aren't in the actual roles, just like you stated.