Security

Newly created LDAP group not accepting created roles

jcgever
Explorer

We have a few users that need access to application logs. We have our active directory admins create a group and once they create that group it shows up in splunk for us to add a role to.
The latest group to be created shows up in the "Access controls » Authentication method » LDAP strategies » LDAP Groups" page but once I try to add a role other than "user" it doesn't show as added in the UI even when the message at the top of the screen says the role has been added.
The users can't search any logs that they should have access through the new role created for the new LDAP Group. What's odd is that the /opt/splunk/etc/system/local/authentication.conf has the new role added to the new LDAP Group.

looking in splunkd.log there is this message:
02-06-2020 10:58:07.296 -0500 WARN UserManagerPro - Strategy="Splunk": the group="SPL_DIGITAL" was not found on the LDAP server. Suggest to remove it from the role map to save server loading time.

Not sure what to do. Not sure if this is a problem with AD or with splunk.

0 Karma

Sahr_Lebbie
Path Finder

Did you ever get a response for this?

0 Karma
Get Updates on the Splunk Community!

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...

Introducing Splunk Enterprise 9.2

WATCH HERE! Watch this Tech Talk to learn about the latest features and enhancements shipped in the new Splunk ...

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...