Security

How does Splunk handle users who are part of two different Active Directory groups that are used for authentication?

a212830
Champion

Hi,

How will Splunk handle users who are part of two different Active Directory groups that are used for authentication?

0 Karma

jkat54
SplunkTrust
SplunkTrust

They will have both roles applied. Assuming both groups are mapped to different roles.

0 Karma

sloshburch
Splunk Employee
Splunk Employee

Don't forget that if we're talking about two different strategies, there are precent orders amongst them so one has a higher priority than the other.

0 Karma

a212830
Champion

Thanks. If I have a filter for each role, how is that applied? AND/OR?

0 Karma

jkat54
SplunkTrust
SplunkTrust

You mean an LDAP filter? Can you provide an example?

LDAP filters only affect the LDAP strategy they're "placed" on. So if the filter excluded the user from one strategy and not the other, then "the other" role would be the only one that applied.

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...