Security

I can't login with AD credentials even if LDAP users are in mapped role

jlford30
Explorer

So I finally got LDAP strategy to work. NOw in Actions > Map Groups I can see the OU's I set up under LDAP Group Name. I see the LDAP Users populated with users from the OU for each LDAP Group Name. However, I cannot log in with the associated role, even if the user is seen in the LDAP users box and the selected role has all for roles selected. Am I missing something?

[authentication]

authSettings = AD LDAP

authType = LDAP

[AD LDAP]

SSLEnabled = 1

anonymous_referrals = 1

bindDN = CN=[username],OU=[Service Account OU],DC=[sub-domain],DC=[TLD]

bindDNpassword = [password]

charset = utf8

groupBaseDN = OU=[group OU name],DC=[sub-domain],DC=[TLD]

groupMappingAttribute = member

groupMemberAttribute = member

groupNameAttribute = name

host = [hostname]

nestedGroups = 0

network_timeout = 20

port = 636

realNameAttribute = cn

sizelimit = 1000

timelimit = 15

userBaseDN = OU=[Users OU name],OU=[Group OU name],DC=[sub-domain],DC=[TLD]

userNameAttribute = samaccountname

[roleMap_AD LDAP]

admin = [OU that has admin role]

can_delete = [OU that has can_delete role]

power = [OU that has power role]

user = [OU's with user role]

Tags (2)
0 Karma

jlford30
Explorer

groupNameAttribute = cn
Static member attribute = member

0 Karma
Get Updates on the Splunk Community!

Why You Can't Miss .conf25: Unleashing the Power of Agentic AI with Splunk & Cisco

The Defining Technology Movement of Our Lifetime The advent of agentic AI is arguably the defining technology ...

Deep Dive into Federated Analytics: Unlocking the Full Power of Your Security Data

In today’s complex digital landscape, security teams face increasing pressure to protect sprawling data across ...

Your summer travels continue with new course releases

Summer in the Northern hemisphere is in full swing, and is often a time to travel and explore. If your summer ...