I'm attempting to configure SSO for Splunk with ADFS as the IdP. I have mapped an Active Directory group to the admin group in Splunk like this:
admin = splunk_admin
Whenever I attempt to log in, I receive the following message:
No valid splunk role found in the local mapping or assertion.
I am getting what appears to be a valid response from ADFS, but it seems Splunk is having an issue parsing it. I'm sure the issue lies with some misconfiguration on my part, but I'm having trouble pinning it down. I'm reaching out to the Splunk community to see if anyone else has had a similar experience, or can offer some insight.
Here are some sanitized excerpts from the SAML response for reference:
My UPN passed from ADFS:
My realName Attribute:
<Attribute Name="realName"> <AttributeValue>John Doe</AttributeValue> </Attribute>
My 'mail' Attribute:
<Attribute Name="mail"> <AttributeValue>JohnDoe@myorg.org</AttributeValue> </Attribute>
My 'role' Attribute:
<Attribute Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role"> <AttributeValue>Domain Users</AttributeValue>
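The check behind the error message, as an added example that is not part of the original post and is not Splunk's code: it lists the role values an assertion carries and compares them with a mapping such as `admin = splunk_admin`. The function names, the `SAMPLE` assertion (constructed from the excerpt above), the accepted attribute names and the exact-match comparison are assumptions.

```python
import xml.etree.ElementTree as ET

# Diagnostic for a captured response you already trust; it verifies no signature.
ASSERTION_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
# Attribute names treated as the role claim (assumption: "role" or the ADFS claim URI).
ROLE_ATTRS = {"role", "http://schemas.microsoft.com/ws/2008/06/identity/claims/role"}

# Constructed sample modelled on the excerpt above; a real response may carry more values.
SAMPLE = f"""<saml:AttributeStatement xmlns:saml="{ASSERTION_NS}">
  <saml:Attribute Name="realName"><saml:AttributeValue>John Doe</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role">
    <saml:AttributeValue>Domain Users</saml:AttributeValue>
  </saml:Attribute>
</saml:AttributeStatement>"""

def parse_role_map(text):
    """Turn 'splunk_role = groupA;groupB' lines into {idp_group: {splunk_roles}}."""
    mapping = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        splunk_role, groups = (part.strip() for part in line.split("=", 1))
        for group in filter(None, (g.strip() for g in groups.split(";"))):
            mapping.setdefault(group, set()).add(splunk_role)
    return mapping

def asserted_roles(xml_text):
    """Collect every AttributeValue under an Attribute whose Name is a role claim."""
    root = ET.fromstring(xml_text)
    values = []
    for attr in root.iter(f"{{{ASSERTION_NS}}}Attribute"):
        if attr.get("Name") in ROLE_ATTRS:
            for value in attr.findall(f"{{{ASSERTION_NS}}}AttributeValue"):
                values.append((value.text or "").strip())
    return values

def resolve_splunk_roles(xml_text, role_map_text):
    """Return (granted Splunk roles, asserted values with no mapping entry)."""
    mapping = parse_role_map(role_map_text)
    granted, unmatched = set(), []
    for value in asserted_roles(xml_text):
        # Exact string comparison is an assumption about how matching behaves.
        if value in mapping:
            granted |= mapping[value]
        else:
            unmatched.append(value)
    return sorted(granted), unmatched

if __name__ == "__main__":
    print(resolve_splunk_roles(SAMPLE, "admin = splunk_admin"))
```

An empty first element means none of the asserted values appears on the right-hand side of the mapping; the second element lists the values the IdP actually sent.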