Security

I can't login with AD credentials even if LDAP users are in mapped role

jlford30
Explorer

So I finally got LDAP strategy to work. NOw in Actions > Map Groups I can see the OU's I set up under LDAP Group Name. I see the LDAP Users populated with users from the OU for each LDAP Group Name. However, I cannot log in with the associated role, even if the user is seen in the LDAP users box and the selected role has all for roles selected. Am I missing something?

[authentication]

authSettings = AD LDAP

authType = LDAP

[AD LDAP]

SSLEnabled = 1

anonymous_referrals = 1

bindDN = CN=[username],OU=[Service Account OU],DC=[sub-domain],DC=[TLD]

bindDNpassword = [password]

charset = utf8

groupBaseDN = OU=[group OU name],DC=[sub-domain],DC=[TLD]

groupMappingAttribute = member

groupMemberAttribute = member

groupNameAttribute = name

host = [hostname]

nestedGroups = 0

network_timeout = 20

port = 636

realNameAttribute = cn

sizelimit = 1000

timelimit = 15

userBaseDN = OU=[Users OU name],OU=[Group OU name],DC=[sub-domain],DC=[TLD]

userNameAttribute = samaccountname

[roleMap_AD LDAP]

admin = [OU that has admin role]

can_delete = [OU that has can_delete role]

power = [OU that has power role]

user = [OU's with user role]

Tags (2)
0 Karma

jlford30
Explorer

groupNameAttribute = cn
Static member attribute = member

0 Karma
Get Updates on the Splunk Community!

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

What are Community Office Hours?Community Office Hours is an interactive 60-minute Zoom series where ...

Updated Data Type Articles, Anniversary Celebrations, and More on Splunk Lantern

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

A Prelude to .conf25: Your Guide to Splunk University

Heading to Boston this September for .conf25? Get a jumpstart by arriving a few days early for Splunk ...