Environment:
ELK Version: 6.1.3
Setup: Docker containers created with official images from Elastic
Hi All,
I am trying to configure an Active Directory realm to work with the Global Catalog of our company's Active Directory. The following is the configuration I am using:
xpack.security.authc.realms:
  realm0:
    type: active_directory
    order: 0
    domain_name: company.com
    url: ldap://ldap.in.company.com:3268
    bind_dn: username@company.com
    bind_password: password
    user_search.filter: (sAMAccountName={0})
I am getting the following exception message during login:
[2018-02-14T17:49:51,950][DEBUG][o.e.x.s.a.l.LdapRealm ] [otMZgVg] Exception occurred during authenticate for active_directory/realm0
com.unboundid.ldap.sdk.LDAPBindException: 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580
at com.unboundid.ldap.sdk.LDAPConnection.bind(LDAPConnection.java:2171) ~[?:?]
at com.unboundid.ldap.sdk.LDAPConnectionPool.bindAndRevertAuthentication(LDAPConnectionPool.java:1535) ~[?:?]
at org.elasticsearch.xpack.security.authc.ldap.support.LdapUtils$1.lambda$doRun$0(LdapUtils.java:135) ~[?:?]
at java.security.AccessController.doPrivileged(Native Method) ~[?:1.8.0_161]
at org.elasticsearch.xpack.security.authc.ldap.support.LdapUtils.privilegedConnect(LdapUtils.java:86) ~[?:?]
at org.elasticsearch.xpack.security.authc.ldap.support.LdapUtils$1.doRun(LdapUtils.java:135) ~[?:?]
at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) ~[elasticsearch-6.1.3.jar:6.1.3]
at org.elasticsearch.xpack.security.authc.ldap.support.LdapUtils.maybeForkThenBind(LdapUtils.java:160) ~[x-pack-6.1.3.jar:6.1.3]
at org.elasticsearch.xpack.security.authc.ldap.ActiveDirectorySessionFactory$ADAuthenticator.authenticate(ActiveDirectorySessionFactory.java:315) ~[x-pack-6.1.3.jar:6.1.3]
at org.elasticsearch.xpack.security.authc.ldap.ActiveDirectorySessionFactory.getSessionWithPool(ActiveDirectorySessionFactory.java:135) ~[x-pack-6.1.3.jar:6.1.3]
at org.elasticsearch.xpack.security.authc.ldap.PoolingSessionFactory.session(PoolingSessionFactory.java:104) ~[x-pack-6.1.3.jar:6.1.3]
at org.elasticsearch.xpack.security.authc.ldap.LdapRealm.lambda$doAuthenticate$1(LdapRealm.java:164) ~[x-pack-6.1.3.jar:6.1.3]
at org.elasticsearch.xpack.security.authc.ldap.LdapRealm$CancellableLdapRunnable.doRun(LdapRealm.java:320) [x-pack-6.1.3.jar:6.1.3]
at org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:637) [elasticsearch-6.1.3.jar:6.1.3]
at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) [elasticsearch-6.1.3.jar:6.1.3]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_161]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_161]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_161]
[2018-02-14T17:49:51,954][WARN ][o.e.x.s.a.AuthenticationService] [otMZgVg] Authentication to realm realm0 failed - authenticate failed (Caused by LDAPException(resultCode=49 (invalid credentials), errorMessage='80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580', diagnosticMessage='80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580'))
I tried to connect with ldapsearch using the same credentials and it worked perfectly OK.
Can anyone please help me with getting the AD configuration working?