Security

Newly created LDAP group not accepting created roles

jcgever
Explorer

We have a few users that need access to application logs. We have our active directory admins create a group and once they create that group it shows up in splunk for us to add a role to.
The latest group to be created shows up in the "Access controls » Authentication method » LDAP strategies » LDAP Groups" page but once I try to add a role other than "user" it doesn't show as added in the UI even when the message at the top of the screen says the role has been added.
The users can't search any logs that they should have access through the new role created for the new LDAP Group. What's odd is that the /opt/splunk/etc/system/local/authentication.conf has the new role added to the new LDAP Group.

looking in splunkd.log there is this message:
02-06-2020 10:58:07.296 -0500 WARN UserManagerPro - Strategy="Splunk": the group="SPL_DIGITAL" was not found on the LDAP server. Suggest to remove it from the role map to save server loading time.

Not sure what to do. Not sure if this is a problem with AD or with splunk.

0 Karma

Sahr_Lebbie
Path Finder

Did you ever get a response for this?

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...