Solved: Configuring SAML via .conf files only - can it be ...

kozanic_mg · ‎04-22-2021

We are deploying SHC into AWS via pipeline code and attempting to configure SAML integration as part of the build but having some issues.

When I check using btool, all the saml details are correct, but if I check details via the GUI - nothing is populated and when I attempt to use SAML to login - I get errors about blank content being passed.

If I update the GUI as well - then things seem to work - but this is not something we want to do every time we do a new build.

Just wondering if anyone else out there has come across this and worked something out?

kozanic_mg · ‎04-25-2021

So... worked out that I was missing IDP cert change within my new build, once added everything just started working and all SAML settings available within GUI as well.

View solution in original post

kozanic_mg · ‎04-25-2021

So... worked out that I was missing IDP cert change within my new build, once added everything just started working and all SAML settings available within GUI as well.

kozanic_mg · ‎04-25-2021

After a weekend to clear the brain - I have found this which indicates that config can be done via .conf files:
https://docs.splunk.com/Documentation/Splunk/8.1.3/Security/ConfigureSAMLSSO

Now I just have to figure out why it's not working in my environment and why the settings I have configured via files are not showing in the GUI

Configuring SAML via .conf files only - can it be done?

configuration

using Splunk Enterprise

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Splunk Life | Happy Pride Month!

SplunkTrust | Where Are They Now - Michael Uschmann