Great question! As it turns out Active Directory can be a very complicated system to robustly integrate with in the real world. Centrify has built an entire company out of robustly integrating *NIX systems to Active Directory for centrally managing accounts, identity, access control, authorization and audit of non-Windows systems.
This Splunk add-on (along with any version of Centrify DirectControl) provides the following unique Active Directory integration features for Splunk:
And some great Splunk specific features include:
account name: e.g. corey.williams
fully qualified name: e.g. corey.williams@centrify.com
domain name: CENTRIFY.COM\corey.williams
full name: Corey Williams
NOTE: This add-on will not function unless Centrify Express is installed and successfully joined to Active Directory
NOTE: The user must belong to the splunk-users group in Active Directory to be allowed to login to splunk. You may edit/change this required groupname in the $SPLUNKHOME/etc/apps/centrify.express.auth/bin/cdcScripted.py
script.
NOTE: The user must belong to at least one Active Directory group that has the same name as a splunk role. For example: clone the default users role in splunk and name it splunk-users.
NOTE: You may also map an Active Directory group to a splunk role using group overrides in Centrify Express. For more information consult the Centrify Express admin guide.
Changes to the app name and description
Minor metadata/description updates.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.