Solved: Unable to Login to Splunk with LDAP Users

JoseMaría · ‎06-28-2021

Hi, I have configured Splunk with LDAP authentication and everything appears correct, the group and the users assigned within, as I see how it should be configured, the last step is to assign the roles and perform the login and everything is done, in In my case this is not possible, I have all the available roles assigned to the group and I still can't log in with for example: jmcastillo, which is an LDAP user, could someone help me understand what is happening? What else do I need or what configuration is wrong? Greetings and thank you.

JoseMaría · ‎07-21-2021

Finally I found the solution, it turned out that the group that was destined, for example, to enter Splunk, was a group which had to be created with GroupOfname, so, when entering users to that group, if it allowed me to access through memeberuid, thank you very much anyway!

View solution in original post

JoseMaría · ‎07-21-2021

Finally I found the solution, it turned out that the group that was destined, for example, to enter Splunk, was a group which had to be created with GroupOfname, so, when entering users to that group, if it allowed me to access through memeberuid, thank you very much anyway!

isoutamo · ‎06-29-2021

What you are finding from _internal log?

codebuilder · ‎06-29-2021

Have you tested your LDAP config?

https://docs.splunk.com/Documentation/Splunk/8.2.1/Security/TestyourLDAPconfiguration

----
An upvote would be appreciated and Accept Solution if it helps!

Unable to Login to Splunk with LDAP Users

configuration

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

Splunk APM: New Product Features + Community Office Hours Recap!

Index This | Forward, I’m heavy; backward, I’m not. What am I?