Security

Add LDAP user

jgauthier
Contributor

Greetings,

I've set up LDAP authentication for my Splunk installation. I would like to be able to add users specifically, but it appears when I do role mapping, I can only do groups.

How can I specify a user to a role?

0 Karma

lesterw1
Engager

I set up LDAP to filter the list of group names displayed by using the filter: (cn=splunk)
Set up a security group for each role that you want (e.g., splunk_admins, splunk_users).

Or you can use the "Maps_users_directly_to_roles" technique... This didn't work for us as we have too many users and our LDAP hierarchy is pretty flat (i.e., we don't have an OU=IT_Dept).

The problem I am running into is users within the groups still cannot log in, even though they are listed within the groups in LDAP Strategy. 😞

0 Karma

ChrisG
Splunk Employee

Briefly, to add a user to a Splunk role: First, on Splunk Web, make sure that you've mapped the Splunk role to an LDAP group. Then, on your LDAP server, add the user to that LDAP group. See http://docs.splunk.com/Documentation/Splunk/5.0.2/Security/SetupuserauthenticationwithLDAP for more information about LDAP strategies, managing users using LDAP, and LDAP configuration.

0 Karma

rettops
Path Finder

Just to clarify ... I don't want a pointer to the regular LDAP setup docs. I want a pointer to whatever document explains how to 'Map_users_directly_to_roles' rather than setting up an LDAP group for each role that we need.

0 Karma

ChrisG
Splunk Employee

I've updated the links in my answer and comment, hope this gives you what you need.

0 Karma

rettops
Path Finder

That document sounds like exactly what I need to solve the same problem described here. However I can't find it. Can anyone post a new link?

0 Karma

ChrisG
Splunk Employee

Okay, I understand the question better now. Here's the current documentation topic about managing users using LDAP:

http://docs.splunk.com/Documentation/Splunk/5.0.2/Security/ManageSplunkuserroleswithLDAP

Hope this helps.

0 Karma

sanderso67
New Member

Agreed - in my Splunk instance, there are over 40 applications and it is not practical to create individual LDAP groups for all possible one-offs that will occur. I would prefer to take a user assigned to a particular LDAP group, and augment their privs. (Sorry to piggyback on your thread, but I think we are asking the same thing.)

0 Karma

jgauthier
Contributor

That works, but it potentially gives anyone else in that group access as well. That is not preferred.

0 Karma

sanderso67
New Member

Ditto - I was combing SplunkBase for the same question

0 Karma
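
A sketch of the direct user-to-role mapping discussed in this thread, as an added example that is not from any poster: the group settings of an LDAP strategy in `authentication.conf` are pointed at the user entries themselves, so each username can appear in the role map. The strategy name, host, DNs and usernames are placeholders, and `uid` is assumed as the username attribute (Active Directory typically uses `sAMAccountName`).

```ini
# authentication.conf -- constructed example; every host, DN and username is a placeholder
[authentication]
authType = LDAP
authSettings = corpLDAP_users

[corpLDAP_users]
host = ldap.example.com
port = 636
SSLEnabled = 1
bindDN = cn=splunk-bind,ou=Service,dc=example,dc=com
# Placeholder: enter the real value through Splunk Web so it is stored encrypted
bindDNpassword = <bind-password>
userBaseDN = ou=People,dc=example,dc=com
userBaseFilter = (objectclass=*)
userNameAttribute = uid
realNameAttribute = cn
# Direct mapping: search for "groups" in the same place as users and
# use the username attribute for all three group attributes, so every
# user entry is treated as a one-member group named after the user.
groupBaseDN = ou=People,dc=example,dc=com
groupBaseFilter = (objectclass=*)
groupNameAttribute = uid
groupMemberAttribute = uid
groupMappingAttribute = uid

# <Splunk role> = <semicolon-separated names>; here the names are usernames
[roleMap_corpLDAP_users]
admin = jdoe
user = asmith;bnguyen
```

With this layout a role is granted only to the named accounts rather than to everyone in a shared LDAP group. Accounts that match the base filter but appear under no role get no Splunk role from this strategy.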