I have a security group called Splunk Users that is mapped to the user role in Splunk.
When I add a user directly to this group they can auth fine.
When they are in a group called Developers which is in Splunk Users they are not able to auth.
Nested groups is selected.
Here is my authentication.conf
[authentication]
authSettings = Acme
authType = LDAP
[roleMap_Acme]
admin = Splunk Admins
api-user = Splunk API Users
can_delete = Splunk Admins
power = Splunk Admins;Splunk Power Users
splunk-system-role = Splunk Admins;Splunk System Users
user = Splunk Admins;Splunk Users
[Acme]
SSLEnabled = 1
anonymous_referrals = 1
bindDN = CN=svc.splunk.ldapsearch,OU=Service and Administrative Accounts,DC=Acme,DC=net
bindDNpassword = 12345
charset = utf8
groupBaseDN = OU=Splunk,OU=Security Groups,DC=Acme,DC=net
groupMappingAttribute = dn
groupMemberAttribute = member
groupNameAttribute = cn
host = domaincontroller
nestedGroups = 1
network_timeout = 20
port = 636
realNameAttribute = cn
sizelimit = 10000
timelimit = 15
userBaseDN = OU=Employees,DC=Acme,DC=net;OU=Service and Administrative Accounts,DC=Acme,DC=net
userNameAttribute = samaccountname
... View more