By default when a new user is created, the role of "user" is auto assigned to them. I would like to add another default role so new users will automatically have two roles assigned to them.
For example:
Let say we have a role based on office location, so I want to have when I create a new user to auto add the "user" role and the "office_location" role to that new user, so I don't have to select the "office_location" role from the list while I'm creating them.
Which config would these changes be made in?
Thanks!
Edit $SPLUNK_HOME/etc/system/local/authorize.conf
and add these lines:
[role_user]
importRoles = YourOtherRoleNameHere
What is the authentication method that you're using? Native Splunk built-in authentication, LDAP or anything else?
We use okta authentication.
In authorize.conf, there will be mapping of SAML groups to roles. A users will be part of some default SAML group, just update it's mapping in authotize.conf to include all the roles that you want to assign by default.
Yeah that's where the roles are but how you do you define what roles a new user starts with?
via importRoles = power;user
in authorize.conf
...
I understand that. I want to create a new user -> and have it pick both the user role and another role I need to define somewhere.
Lets say for example we have a role based on office location, so I want to have when I create a new user to auto add the "user" role and the "office_location" role.
I don't want to add the "user" role to another role. We already have that capability.