Videos

  • Add Videos
  • View All

Latest Activity

Profile Icon
Greg Vallenari is now a member of splunkninja Sunday
Welcome Them!
Profile Icon
Mike Hartford commented on Michael Wilde's video
Got it thanks
Thumbnail

Splunk Ninja - Basic Training: Splunk & LDAP Authentication

Feb 8
Profile Icon
Michael Wilde commented on Michael Wilde's video
Sure...  When you do group mapping, map them to groups that don't have the domain admins in them.  I have a separate OU=Groups that has "Splunk Users, Splunk Admins, Splunk Power Users" as group names, and specific users…
Thumbnail

Splunk Ninja - Basic Training: Splunk & LDAP Authentication

Feb 8
Profile Icon
Mike Hartford commented on Michael Wilde's video
I want to give LDAP access to my splunk servcie but I don't want the LDAP users to have admin capabilitys in Splunk.  Can I keep the domain admins out of Splunk if I have LDAP authentication???
Thumbnail

Splunk Ninja - Basic Training: Splunk & LDAP Authentication

Feb 7
Profile Icon
Mike Hartford left a comment for Jonathan Hawes
Helow Jonathan,   Glad to have another Splunker.  I've been useing Splunk for 2 years and am hooked.  I leared how to spell splunk and | transaction too.  you'll learn that one soon.   Go over to Splunk…
Feb 7
Profile Icon
Mike Hartford commented on Mike Hartford's blog post 'tees for the holy day'
  Holy Batskins Ninja, zzzzzwap zgruppp kapow a hidden stash, how great is that!!!!   The team that found them must have special bat senses and highly tooned Splunking skills   I like to wear Extra Lovable…
Feb 7
Profile Icon
Learning, learning, learning . . . Our Splunk "expert" is gone, and the non-programmer gets to learn the task! How do you spell SPLUNK?
Status posted by Jonathan Hawes Feb 7
0 Comments
Profile Icon
Jonathan Hawes is now a member of splunkninja Feb 7
Welcome Them!
Michael Wilde

Splunk Ninja - Basic Training: Splunk & LDAP Authentication

In this long form video, I discuss how to setup Splunk to authenticate with your LDAP directory. An extensive overview of each component of the directory relevant to Splunk authentication is covered, including mapping Roles in Splunk to Groups in LDAP.

720p with Fullscreen Toggle is here: http://blip.tv/file/2878148. This video is downloadable as well.

Views: 2510

Get Embed Code

Tags: authentication, ldap, roles, splunk

Michael Wilde Comment by Michael Wilde on November 23, 2009 at 11:57am
Note: Splunk loads up the list of users in your directory only upon restart, or if you manually reload the authentication config from the LDAP settings. If you add a new user to your directory, you'll find you can't login right away until the list of users is updated. Irritating. Slightly.

Amrit mentions how you can script the reload of auth on a periodic basis (with cron, perhaps) in his blog post here:

http://blogs.splunk.com/amrit/2009/08/20/reload-4-auth/

Rumor has it this issue will be fixed in 2010.
Mike Hartford Comment by Mike Hartford on February 7, 2012 at 2:01pm

I want to give LDAP access to my splunk servcie but I don't want the LDAP users to have admin capabilitys in Splunk.  Can I keep the domain admins out of Splunk if I have LDAP authentication???

Michael Wilde Comment by Michael Wilde on February 8, 2012 at 12:17pm

Sure...  When you do group mapping, map them to groups that don't have the domain admins in them.  I have a separate OU=Groups that has "Splunk Users, Splunk Admins, Splunk Power Users" as group names, and specific users assigned to them.  If you're not in one of those groups--you ain't gettin' in yo!.

Mike Hartford Comment by Mike Hartford on February 8, 2012 at 12:19pm

Got it thanks

Comment

You need to be a member of splunkninja to add comments!

Join splunkninja

© 2012   Created by Michael Wilde.

Badges  |  Report an Issue  |  Terms of Service