Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

LDAP with more then 1000 groups

michel_wolf
Path Finder
‎06-21-2018 07:02 AM

Hi,

I have a problem with a LDAP configuration I know there is a limit by 1000 users so I have change the following configuration

authentication.conf
sizelimit = 10000

limits.conf
[ldap]
max_users_to_precache = 10000

but it looks like this hasn´t impact of the max size of groups because it stops every time at 1000 groups.

Any ideas what to do?

Michel

Reply

darkmoonvt
New Member
‎05-09-2019 12:08 PM

Any news on this? I just ran into the same problem.

We have more than 1000 groups. The one I need to configure isn't in the first 1000 returned. Perhaps if the 'Map Group' page used the search term to filter the query it sent to ldap?

(the static group search term doesn't help, unless we go through and flag all the groups that might be used by Splunk with something, which isn't something I can manage soon.)

0 Karma
Reply

jdhunter
Path Finder
‎07-19-2018 03:13 PM

Have you tried

groupBaseFilter =

or in the GUI under Settings > Access Controls > Authentication method > LDAP settings > LDAP strategy name > Static group search filter

The LDAP search filter used to retrieve static groups. Highly recommended if you have a large amount of group entries under your group base DN. For example, '(department=IT)'

0 Karma
Reply

waytoavnish
Explorer
‎03-26-2019 07:38 AM

what is group itself is having 5000 users? Filters will not work

0 Karma
Reply
Get Updates on the Splunk Community!

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...