I'd like to open my Splunk system up to all of our AD users rather than mapping particular groups as we've in the past. I've been trying to accomplish this by mapping the built in Domain Users group but I can't seem to get it to show up in the mapping screen. I do get the Domain Admins and Domain Guests which are in the same OU/Container just not Domain Users. Here is my current authentication.conf (some names changed to protect the innocent)
[authentication]
authSettings = Active Directory
authType = LDAP
[roleMap_Active Directory]
admin = Splunk Admins
managers = Splunk Managers
power = SysAdmins;Splunk Power Users
user = SysAdmins;Splunk Power Users;Splunk Users
[Active Directory]
SSLEnabled = 0
anonymous_referrals = 0
bindDN = account@our.domain.net
bindDNpassword = $1$AoUBf6Io02h4
charset = utf8
groupBaseDN = OU=CustomGroupOU1,DC=our,DC=domain,DC=net;OU=Groups,OU=CustomGroupOU2,DC=our,DC=domain,DC=net;CN=Users,DC=our,DC=domain,DC=net
groupBaseFilter = (|(cn=IT*)(cn=Splunk*)(cn=Domain*))
#groupMappingAttribute = dn
groupMappingAttribute = distinguishedname
groupMemberAttribute = member
#groupNameAttribute = cn
groupNameAttribute = name
host = our.domain.net
nestedGroups = 0
network_timeout = 29
port = 389
realNameAttribute = cn
sizelimit = 100000
timelimit = 28
userBaseDN = OU=CustomUserOU,DC=our,DC=domain,DC=net;CN=Users,DC=our,DC=domain,DC=net
userNameAttribute = samaccountname
I really don't have any AD management experience so I suspect I'm misunderstanding something here, any help would be greatly appreciated!
... View more