vagrant_repo/data_bags/cerner_splunk/authnz-vagrant.json
{
"id": "authnz-vagrant",
"authn": {
"search_head": {
"LDAP_strategies": {
"bag": ":ldap",
"roleMap" : {
"opsinfra": "splunk_dev_opsinfra",
"admin": "DevOps_SuperAdmins"
}
}
},
"license_server": "search_head",
"server": "search_head",
"shcluster":"search_head",
"forwarder":null
},
"ldap":{
"strategy_name":"ADDomain",
"host":"ad.example.com",
"SSLEnabled":1,
"port":636,
"bindDN":"bindacct@example.com",
"bindDNpassword":"passwords:bindacct",
"userBaseDN":["OU=Users,DC=example,DC=com"],
"userBaseFilter":"(objectClass=user)",
"userNameAttribute":"sAMAccountName",
"realNameAttribute":"displayName",
"groupBaseDN":["OU=Splunk Groups,DC=example,DC=com"],
"groupBaseFilter":"(objectClass=group)",
"groupNameAttribute":"cn",
"groupMemberAttribute":"member",
"nestedGroups":1,
"anonymous_referrals":0
},
"roles":{
"server":"search_head",
"shcluster":"search_head",
"search_head": {
"default":{
"app":"launcher",
"tz":"America/Chicago",
"showWhatsNew":0,
"capabilities":["!schedule_rtsearch"]
},
"nobody": {},
"user": {
"app":"search",
"capabilities":["!change_own_password","schedule_search"],
"srchIndexesAllowed":[],
"srchIndexesDefault":[]
},
"cloud-infra": {
"importRoles":["user"]
},
"opsinfra":{
"importRoles":["user"]
},
"admin": {
"capabilities":["change_own_password"]
}
}
}
}