@Stefanie Thank you! Here are the answers to your questions: * Is the Reverse Proxy set up on the same server you'll be logging into? Yes, our web server reverse proxy is running on the same server as the Splunk server. On the bright side, our CAC authentication is currently working. We tried adding an LDAP strategy to `authentication.conf` but was unsuccessful at getting it to work the way we'd hoped. Seeing an example of your "authentication.conf" might be helpful for me. Here is an example of what we tried in "authentication.conf" [authentication] authType = LDAP authSettings = ldap_strategy [ldap_strategy] host = active-directory.example.com SSLEnabled = 1 port = 636 bindDN = CN=MYAPP.dev,OU=Service Accounts,DC=example,DC=com bindDNpassword = REDACTED groupBaseDN = DC=example,DC=com groupMemberAttribute = uniqueMember groupNameAttribute = cn realNameAttribute = displayName userBaseDN = CN=Users,DC=example,DC=com userBaseFilter = (objectclass=organizationalPerson) userNameAttribute = cn [splunk_auth] constantLoginTime = 0.000 enablePasswordHistory = 1 expireAlertDays = 15 expirePasswordDays = 60 expireUserAccounts = 1 forceWeakPasswordChange = 1 lockoutAttempts = 3 lockoutMins = 1440 lockoutThresholdMins = 15 lockoutUsers = 1 minPasswordDigit = 1 minPasswordLength = 15 minPasswordLowercase = 1 minPasswordSpecial = 1 minPasswordUppercase = 1 passwordHistoryCount = 5 verboseLoginFailMsg = 0 [roleMap_ldap_strategy] # Map Splunk role name to LDAP group name # SplunkRoleName = LDAPGroupName admin = SplunkAdmins user = BusinessUsers
... View more