I am very new to Splunk. I am looking for a simplified document to help me configure Splunk to authenticate through LDAP. Is there such a document?
LDAP is tough. I would suggest 2 things:
1: Watch this video, by @ninja, IT ROCKS: https://youtu.be/JEo6dNXigBo
2: Test/experiment with the ldapsearch
tool; install with sudo yum -y install openldap
Hi, try this steps:
https://www.learnsplunk.com/splunk-ldap-authentication-configuration.html
Here are the basic steps if you are doing this from the UI (you can also go to the CLI and update authentication.conf):
If the connection to your LDAP host works, your strategy will be saved and you can then click on "Map Groups" to assign Splunk roles to you Active Directory groups.
Have you checked out the existing Splunk documentation for this?
http://docs.splunk.com/Documentation/Splunk/6.6.1/Security/SetupuserauthenticationwithLDAP