Security

AD mapped users unable to login to Splunk

damode
Motivator

I have mapped an AD group to Splunk's admin role. However, users are still unable to login.

After a bit of researching, I realised (from User name attribute setting within Splunk's LDAP strategy configuration page), sAMAccountname's value in AD has to be case insensitive. However, after I looked up LDAP directory for the sAMAccountname's value, I noticed the user's username actually has some uppercase letters too.

I have spoken to the LDAP admin and he advised that its not possible to modify the username to all lower case.

In this case, can anyone please advise how I can resolve this issue ?

Tags (2)
0 Karma

DavidHourani
Super Champion

Hi @damode,

Why does it have that format in LDAP? When using other applications are your users using LDAP with lowercase usernames as well ?

0 Karma

damode
Motivator

Hi David, I am not sure why but they have had that format since ages and never faced any issues with any applications. They use the same format for other applications.

0 Karma

skalliger
Motivator

Can you create a test user all lowercase, put it into an authorised group and try to authenticate?

I somehow doubt that this is the problem.

Skalli

0 Karma
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...