Hi, we need to use Elasticsearch authentication for our users in DC (Active Directory).
Due to the instructs in link below:
https://www.elastic.co/guide/en/elasticsearch/reference/7.11/active-directory-realm.html
I add the AD realm to elasticsearch.yml
xpack:
security:
authc:
realms:
active_directory:
my_ad:
order: 0
domain_name: develop.local
url: ldap://192.168.3.89:389
user_search:
base_dn: "cn=users,dc=develop,dc=local"
group_search:
base_dn: "cn=users,dc=develop,dc=local"
files:
role_mapping: "/etc/elasticsearch/role_mapping.yml"
and this line to role_mapping.yaml
superuser:
- "cn=elasticsearch-superuser,cn=users,dc=develop,dc=local"
but we can not log in elasticsearch not with local users, nor users of domain controller.
and get this as elasticsearch log
[2021-02-22T05:15:21,458][WARN ][o.e.x.s.a.AuthenticationService] [APK-Elastic-Node] Authentication to realm my_ad failed - authenticate failed (Caused by LDAPException(resultCode=49 (invalid credentials), diagnosticMessage='80090308: LdapErr: DSID-0C09041C, comment: AcceptSecurityContext error, data 52e, v4563', ldapSDKVersion=4.0.8, revision=28812))
[2021-02-22T05:15:21,913][WARN ][o.e.x.s.a.AuthenticationService] [APK-Elastic-Node] Authentication to realm my_ad failed - authenticate failed (Caused by LDAPException(resultCode=49 (invalid credentials), diagnosticMessage='80090308: LdapErr: DSID-0C09041C, comment: AcceptSecurityContext error, data 52e, v4563', ldapSDKVersion=4.0.8, revision=28812))
[2021-02-22T05:15:24,406][WARN ][o.e.x.s.a.AuthenticationService] [APK-Elastic-Node] Authentication to realm my_ad failed - authenticate failed (Caused by LDAPException(resultCode=49 (invalid credentials), diagnosticMessage='80090308: LdapErr: DSID-0C09041C, comment: AcceptSecurityContext error, data 52e, v4563', ldapSDKVersion=4.0.8, revision=28812))
[2021-02-22T05:15:24,456][WARN ][o.e.x.s.a.AuthenticationService] [APK-Elastic-Node] Authentication to realm my_ad failed - authenticate failed (Caused by LDAPException(resultCode=49 (invalid credentials), diagnosticMessage='80090308: LdapErr: DSID-0C09041C, comment: AcceptSecurityContext error, data 52e, v4563', ldapSDKVersion=4.0.8, revision=28812))
[2021-02-22T05:15:26,905][WARN ][o.e.x.s.a.AuthenticationService] [APK-Elastic-Node] Authentication to realm my_ad failed - authenticate failed (Caused by LDAPException(resultCode=49 (invalid credentials), diagnosticMessage='80090308: LdapErr: DSID-0C09041C, comment: AcceptSecurityContext error, data 52e, v4563', ldapSDKVersion=4.0.8, revision=28812))
[2021-02-22T05:15:27,463][WARN ][o.e.x.s.a.AuthenticationService] [APK-Elastic-Node] Authentication to realm my_ad failed - authenticate failed (Caused by LDAPException(resultCode=49 (invalid credentials), diagnosticMessage='80090308: LdapErr: DSID-0C09041C, comment: AcceptSecurityContext error, data 52e, v4563', ldapSDKVersion=4.0.8, revision=28812))
[2021-02-22T05:15:29,406][WARN ][o.e.x.s.a.AuthenticationService] [APK-Elastic-Node] Authentication to realm my_ad failed - authenticate failed (Caused by LDAPException(resultCode=49 (invalid credentials), diagnosticMessage='80090308: LdapErr: DSID-0C09041C, comment: AcceptSecurityContext error, data 52e, v4563', ldapSDKVersion=4.0.8, revision=28812))
I have a group named elasticsearch-superuser in AD and two users (members of elasticsearch-superuser)