On the LDAP question , you would have to manually setup that user in LDAP and setup your LDAP Group to Splunk role mappings.
Also bear this in mind (copy/paste from Splunk docs):
Usernames in Splunk's built-in authentication system always take precedence over the same usernames in LDAP. So, if you have converted from Splunk's built-in authentication system to LDAP, you might need to delete users from Splunk's built-in system to ensure that you're using LDAP credentials. This is only necessary if usernames are the same in both systems.