- Splunk Answers
- :
- Splunk Administration
- :
- Security
- :
- How to change the default role when creating a new...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to change the default role when creating a new user?
By default when a new user is created, the role of "user" is auto assigned to them. I would like to add another default role so new users will automatically have two roles assigned to them.
For example:
Let say we have a role based on office location, so I want to have when I create a new user to auto add the "user" role and the "office_location" role to that new user, so I don't have to select the "office_location" role from the list while I'm creating them.
Which config would these changes be made in?
Thanks!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Edit $SPLUNK_HOME/etc/system/local/authorize.conf and add these lines:
[role_user]
importRoles = YourOtherRoleNameHere
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What is the authentication method that you're using? Native Splunk built-in authentication, LDAP or anything else?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We use okta authentication.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In authorize.conf, there will be mapping of SAML groups to roles. A users will be part of some default SAML group, just update it's mapping in authotize.conf to include all the roles that you want to assign by default.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yeah that's where the roles are but how you do you define what roles a new user starts with?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
via importRoles = power;userin authorize.conf...
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I understand that. I want to create a new user -> and have it pick both the user role and another role I need to define somewhere.
Lets say for example we have a role based on office location, so I want to have when I create a new user to auto add the "user" role and the "office_location" role.
I don't want to add the "user" role to another role. We already have that capability.
Introducing the Splunk Community Dashboard Challenge!
Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...
Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...
