If you have enabled SSL for your LDAP strategy, you must edit two files: nf, where you set the authentication type to LDAP and configure your LDAP strategy, and nf, where you configure the Splunk platform to use your SSL certificates to connect to your LDAP strategy. ![]() Set authentication type and configure LDAP strategies with SSL (Optional) Create the nf file if it does not already exist.Change to the $SPLUNK_HOME/etc/system/local directory.Depending on your LDAP strategy settings, you might need to specify additional settings and values in the strategy-specific stanzas. This is a generic procedure for configuring nf for LDAP. Set the authentication type and configure LDAP strategy names and settings Then, specify separate stanzas for each strategy. To configure multiple LDAP strategies, set the authSettings setting to a comma-separated list of all strategies, in the order in which you want to query the strategies. The Splunk platform can search across multiple LDAP servers, as described in How Splunk works with multiple LDAP servers. On Windows, there is no support for IPV6 address formats for the host setting.įor examples of how to create nf, see the nf spec file. There are additional settings that you can configure see the nf specification file for those settings and their descriptions. When you configure an LDAP strategy stanza, you must specify a minimum of the following settings and values:Įither you or your LDAP administrator must provide the minimum setting values described here. For example, if you configured authSettings=ad_ldap, then there must be a stanza called ad_ldap where the Splunk platform can look for settings and values for the ad_ldap strategy. The stanza names for any LDAP strategies you specify must match the names that you specified in authSettings. The nf file represents this as the authSettings setting, where you specify at least one strategy, and a group of settings under a stanza for each strategy that you specify in the authSettings setting. When you change the authentication scheme on the Splunk platform from native to LDAP, you must specify at least one LDAP strategy for the instance to connect to when it performs authentication. How nf works with LDAP and LDAP strategies If you prefer to configure LDAP with Splunk Web, see Configure LDAP with Splunk Web. For general information on editing configuration files, see About configuration files In the Admin Manual. ![]() ![]() The nf configuration file controls how Splunk Enterprise interacts with LDAP services for authentication.Įdit the nf file in $SPLUNK_HOME/etc/system/local/. You can make changes to how Splunk Enterprise authenticates with servers that run the Lightweight Directory Access Protocol (LDAP).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |