LDAP Support
You can delegate Controller authentication and authorization to external directory servers that comply with LDAP version 3.
While a Controller should be able to work with any LDAPv3-compliant server, these LDAP products have been verified:
- Microsoft Active Directory for Windows Server 2008 >= SP2
- OpenLDAP >= 2.4
To configure LDAP authentication on a Splunk AppDynamics Controller, you must configure connection settings to the LDAP server and the queries that return user or group data. By mapping LDAP groups to roles, you can provision permissions in the Controller based on LDAP groups.
Possible Issues and Resolutions
| Issue | Resolution |
|---|---|
| The LDAP Server becomes unavailable | If the LDAP server configured for Controller authentication becomes unavailable for any reason, the Controller falls back to local user authentication. The best practice is to create a local user account with administrative rights that can access the Controller if the LDAP server becomes unavailable. |
| The user cannot be found in the LDAP directory | If a user cannot be found in the LDAP directory, the system logs an authentication failure event as a warning. The user can still authenticate through local authentication. |