Re: LDAP authentication: mapping empty groups

gcusello · ‎10-31-2023

Hi at all,

I have to use in Splunk Enterprise an external authentication using LDAP.

I'm mapping roles with AD groups.

I don't see empty AD gropus (groups without associated users) in the mapping page.

Do you think that there could be a misconfiguration or (as I suppose) it isn't possible to see them until a user is inserted in?

Thank you for your confirmation.

Ciao.

Giuseppe

Mafokognel · ‎11-01-2023

Hello,

For my knowledge, You have to create role, after assign to the role their permission. thereafter you can map the group and authenticate again. Then Go to user and check username assign to the group. Thanks

gcusello · ‎11-01-2023

Hi @Mafokognel,

Thanks for your answer.

I know this, bat my question is:

after LDAP integration, I see groups containing users, but I don't see Groups without users.

Do you think that's normal or there could be an issue?

Ciao.

Giuseppe

isoutamo · ‎11-02-2023

Hi

I think that's just like you said. There must be a user on group to see it.

IMHO: with LDAP / AD authentication it's much better to create an own app where you have done those mappings and then install it as normal app. That way you could always add new role - group mappings there even there is no users yet on those groups. Also put that app on git and you know what you have. BUT after that don't use GUI anymore to user management (mappings etc.). If you are continue with both way you will be get real "spaghetti" sooner or later ;-(

r. Ismo

LDAP authentication: mapping empty groups

authentication

LDAP

Developer Spotlight with Paul Stout

State of Splunk Careers 2024: Maximizing Career Outcomes and the Continued Value of ...

Data-Driven Success: Splunk & Financial Services