Hello all,
I need to configure SAML/SSO with Splunk but i m having the following issues:
- I have 3 search heads in a cluster (without a load balancer 😕)
=> I can create a dedicated SAML config for each search head and disable the replication of the authentication.conf
- we have many tenants and we have users connecting from the different tenants to Splunk (currently we have multiple LDAP configurations)
=> I understood that Splunk only accepts one IdProvider with SAML, so users from other tenants will not be able to access splunk with SSO.
- ideally, we must have some users connecting with LDAP, but Splunk doesn't allow enabling both LDAP and SAML simultaneously 😕 or it is possible but requires a custom script for that.
Questions:
1- does anyone have worked on a script to enable LDAP and SAML ?
2- Any idea about the best config from Azure ID regarding the multi-tenants and the B2B collaboration?
3- Any advice in general how to better approach this issue? 🙏
Best
