Active directory auth on premise ECK kibana

Thomas.sec · December 7, 2022, 3:35pm

Hi,

I use ECK on premise, it works well but I need use AD accounts to auth in kibana.

I follow the ad-realm-configuration documentation, but all my tests end with this error:
FATAL Error: [config validation of [xpack.security].authc.realms]: definition for this key is missing

I tried to add this config bloc in kibana k8s custom ressource (I have my bind dn password in base64 set on ldap-elk-ad secret, with the key "xpack.security.authc.realms.active_directory.ad1.secure_bind_password"):

spec:
  secureSettings:
  - secretName: ldap-elk-ad
  config:
    xpack.security.authc.realms:
      native:
        native1:
          order: 0
      active_directory:
        ad1:
          order: 1
          domain_name: <mydomain>
          url: ldaps://<mydomain>:636
          bind_dn: <appaccount>@<mydomain>
          user_search.base_dn: <ad user basedn>
          user_search.filter: <user filter>
          group_search.base_dn: <ad group basedn>

What did I miss ?

Thanks,

Thomas

Thomas.sec · December 8, 2022, 4:32pm

It looks like a subscrition problem : Abonnements | Produits/support de la Suite Elastic | Elastic
LDAP/AD Auth is not available for free. We need an enterprise subscription (ssh session replay !), so I am gonna try it later.

Thanks.

system · January 5, 2023, 4:33pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.