Hello All,
We are looking for the possiblity of having local authentication for part of the users, and RADIUS authentication for another part. I think the most flexible way of doing this would be to have possibility of choosing auth method per user role...
http://splunk-base.splunk.com/answers/1549/how-can-i-combine-2-authentication-sources looks relevant and suggests that support for what you want already exists. Also, release notes for 4.1 suggest this feature was made available there (at least for LDAP). http://docs.splunk.com/Documentation/Splunk/4.1.8/ReleaseNotes/SidebysideLDAPandSplunknativeauthenti...
I'm not sure exactly how it works, though, based on a quick scan of the docs / spec files for authentication.conf
. I would suggest opening a support case to describe your exact goal and let them comment on whether or not the capability in Splunk 4.1 and above is sufficient. If not, then you can file an Enhancement request with Splunk via your support case. http://splunk-base.splunk.com/answers/4844/how-can-i-submit-an-enhancement-request