
Map LDAP groups and users to Splunk roles in the configuration files
Once you've set up LDAP authentication and users, you can map your LDAP groups and users to roles in Splunk Web. To set up LDAP for Splunk Enterprise, see Configure LDAP with the configuration file in this manual.
As an alternative to using Splunk Web to map roles, you can directly edit your authentication.conf
contained in $SPLUNK_HOME/etc/system/local/
. There are further examples at the end of the authentication.conf spec file.
For information on configuration files in general, see About configuration files In the Admin Manual.
Map groups to roles
To map Splunk roles to a strategy's LDAP groups, you need to set up a roleMap
stanza for that strategy. Each strategy requires its own roleMap
stanza. This example maps roles for groups in the "ldaphost1" strategy. In your authentication.conf
file in $SPLUNK_HOME/etc/system/local/
:
[roleMap_ldaphost1] admin = SplunkAdmins itusers = ITAdmins
Map users directly to roles
If you need to map users directly to Splunk roles, you can do so by setting the groupBaseDN
setting in authentication.conf
to the value of userBaseDN
.
Also set the following attributes to the same value as userNameAttribute
:
groupMappingAttribute
groupMemberAttribute
groupNameAttribute
For example:
[supportLDAP] SSLEnabled = 0 bindDN = cn=Directory Manager bindDNpassword = ######### groupBaseDN = ou=People,dc=splunksupport,dc=com groupBaseFilter = (objectclass=*) groupMappingAttribute = MyUserID groupMemberAttribute = MyUserID groupNameAttribute = MyUserID host = supportldap.splunksupport.com port = 389 realNameAttribute = cn userBaseDN = ou=People,dc=splunksupport,dc=com userBaseFilter = (objectclass=*) userNameAttribute = MyUserID [roleMap_supportLDAP] admin = rlee;bsmith
PREVIOUS Configure LDAP using configuration files |
NEXT Test your LDAP configuration |
This documentation applies to the following versions of Splunk® Enterprise: 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.3.11, 6.3.12, 6.3.13, 6.3.14, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5, 6.4.6, 6.4.7, 6.4.8, 6.4.9, 6.4.10, 6.4.11, 6.5.0, 6.5.1, 6.5.2, 6.5.3, 6.5.4, 6.5.5, 6.5.6, 6.5.7, 6.5.8, 6.5.9, 6.5.10, 6.6.0, 6.6.1, 6.6.2, 6.6.3, 6.6.4, 6.6.5, 6.6.6, 6.6.7, 6.6.8, 6.6.9, 6.6.10, 6.6.11, 6.6.12, 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9, 7.0.10, 7.0.11, 7.0.13, 7.1.0, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 7.1.5, 7.1.6, 7.1.7, 7.1.8, 7.1.9, 7.1.10, 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.2.9, 7.2.10, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, 7.3.5, 7.3.6, 7.3.7, 7.3.8, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.0.5, 8.0.6, 8.0.7, 8.0.8, 8.1.0, 8.1.1
Feedback submitted, thanks!