Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Nested Active Directory Groups

treinke
Builder
‎05-05-2010 07:08 PM

I have the LDAP authentication setup in Splunk. I have created groups in Active Directory to handle the users (Splunk-Users, Splunk-PowerUsers, etc.). There is a AD group that already contained a set up users I want added in to Splunk. I added that user group to the AD group I have mapped to Users. The user group's location in AD is not in the same location I have for the Splunk groups. When I go in to Users, I see the nested group in Users as a User.

Is there a way to use nested AD groups in Splunk LDAP Authentication?

There are no answer without questions
Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

ekost
Splunk Employee
Splunk Employee
‎09-13-2012 09:47 AM

Nested group support for OpenLDAP and AD has been added as of Splunk 4.3. Here's a blog post covering some details: http://blogs.splunk.com/2012/02/23/splunk-and-nested-groups-for-authorization/

View solution in original post

Reply
Solved! Jump to solution
Solution

ekost
Splunk Employee
Splunk Employee
‎09-13-2012 09:47 AM

Nested group support for OpenLDAP and AD has been added as of Splunk 4.3. Here's a blog post covering some details: http://blogs.splunk.com/2012/02/23/splunk-and-nested-groups-for-authorization/

Reply
Solved! Jump to solution

Glenn
Builder
‎10-11-2011 05:58 AM

Splunk is pretty bad in this area, I have had an enhancement request (45531) in for this functionality since Jul 8, 2010 7:08 AM (yes that's about 16 months) and it is still not scheduled to be included.

It wastes a couple of hours of time for a few people in my organisation each week, due to them having to assign individual members (new starters) to the groups, rather than them automatically being included for appropriate access via their team's role group. Over the course of the last 2 years this probably adds up to quite a large operating cost!

Please include this enhancement soon. How can we get its priority raised?

Reply
Solved! Jump to solution

the_wolverine
Champion
‎05-06-2010 06:32 AM

Splunk is unable to traverse nested LDAP groups. LDAP users must be direct members of the group mapped to Splunk role.

Reply
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...