Solved: Re: LDAP Groups and Subgroups

nowakdaw · ‎09-06-2012

Hello All, Thank you for your time.

If you have a group in AD that has subgroups and you map a role to the group, do the subgroups get updated with the same permissions? I attempted to test this and it seems that the answer is no. I am part of a child group. If I update the parent group I can not log into splunk. But if I update the child I can log in. It seems that if you update the parent group the child groups do not get updated.

Can anyone confirm this? Seems like this may be a bug?

adamw · ‎09-09-2012

What version of Splunk are you running? If I recall, subgroups in LDAP we're put in on version 4.3.

If you're on 4.3, check your $SPLUNK_HOME/etc/system/local/authentication.conf and see if

nestedGroups = 1

Thanks,
--adam

View solution in original post

adamw · ‎09-09-2012

What version of Splunk are you running? If I recall, subgroups in LDAP we're put in on version 4.3.

If you're on 4.3, check your $SPLUNK_HOME/etc/system/local/authentication.conf and see if

nestedGroups = 1

Thanks,
--adam

adamw · ‎09-10-2012

Unfortunately before version 4.3 (released early 2012), nested groups did not work, which made permissions in our environment basically worthless. I'm glad Splunk has added this highly useful feature to the product.

Thanks,
--adam

nowakdaw · ‎09-10-2012

Thank you very much for your help. I appreciate it.

Yes I am on 4.3. Was an easy fix. Thank you.

Just to note: I assume this is outdated http://splunk-base.splunk.com/answers/2200/nested-active-directory-groups

LDAP Groups and Subgroups

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases