A user reported that she is unable to login to Splunk with her credentials. Whereas I could able to login to Splunk with my credentials.
What could be the problem.
CAPS LOCK???
If you have SSH access to splunk server where user is unable to login. You can create a user-seed.conf , however may require to delete $SPLUNK_HOME//etc/passwd file or there might be a case where passwd file is delete accidently. Then password to that particular user can be set using user-seed.conf, which inturn create the passwd file containing user and encrypted password. For more details on creating user-seed.conf, follow below link https://docs.splunk.com/Documentation/Splunk/8.0.2/Admin/User-seedconf.
If you are using LDAP
then Splunk will default to that as the login type and you cannot use local logins. If you need to use a local login, then you need to specify certain URI values like this:
.../en-US/account/login?loginType=splunk
Hi,
Please check with your admin to check for whether the user is locked or not.
Go to Settings-->Users(Under Users and authentication)-->Search for the user.
It's better to reset the password
P.S- I hope you are using native login not LDAP or saml
User is using AD login.