I am not much of a Windows person (usually Linux) but I was asked if Splunk can use Active Directory as opposed to creating new user ids and passwords, and if so, how?
Here is the manual for that,
You can use AD/LDAP to authenticate, therefore have your users defined in AD.
in the process you will define which AD group is linked to which Splunk role.
Yes, it definitely can (LDAP or AD), see how to set it up here: http://docs.splunk.com/Documentation/Splunk/4.2.3/admin/SetUpUserauthenticationwithLDAP