We've got a Search Head Cluster with 6 Search Heads. When a user access our splunk URL, it hits a load balancer, wich randomly uses one of the 6 Search heads. Authentication is by LDAP integration.
Heres the problem: When a user logins to splunk, that user groups (and as a result, his roles) only gets updated on the specific search head that user happens to hit. If the user continues to use splunk, the load balancer might connect him to another search head, where the user groups are not updated The user tries to perform an action that requires the permissions provided by the group, and fails.
Is there a way that, when the user logs in, his assigned LDAP groups gets replicated to all the search heads on the cluster?