When will Splunk support nested group membership from LDAP/Active Directory?
It's a real pain having to add users to the SPLUNK groups, vs using role based groups that are then inherited access via group memberships.
This is one of the huge benefits to having an LDAP backend.
LDAP nested group support is going to be available in the next release of Splunk, which is currently in beta testing, you can request a copy for evaluation from PMs
As a workaround, you can set up an Apache and a crowd daemon, which provides the feature to deliver nested groups as flat ones (http://www.atlassian.com/software/crowd/overview). There is an Apache authentication module for crowd (http://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Apache) too. Using Splunk's SSO feature and these components above, you'll be able to use nested groups.
HTH.
LDAP nested group support is going to be available in the next release of Splunk, which is currently in beta testing, you can request a copy for evaluation from PMs
Can you please elaborate on your problem? OOTB, the nested group support is disabled in the LDAP strategy page, did you check the box labeled "Nested groups" ? If still not working send me a note.
I just installed 4.3 today and it doesn't appear to be fixed. The only change I can tell is it now filters out the nested group name.
Sweet, thanks for the update.
Splunk is pretty bad in this area, I have had an enhancement request (45531) in for this functionality since Jul 8, 2010 7:08 AM (yes that's about 16 months) and it is still not scheduled to be included.
It wastes a couple of hours of time for a few people in my organisation each week, due to them having to assign individual members (new starters) to the groups, rather than them automatically being included for appropriate access via their team's role group. Over the course of the last 2 years this probably adds up to quite a large operating cost!
Please include this enhancement soon. How can we get its priority raised?
At this point, AFAIK, this is not an enhancement that is scheduled.