Assistance with LDAP authentication

stack-security
(Luke) #1

Working on testing LDAP authentication for our cluster before setting it up for a client. So far....success is limited. Here is my journalctl log after I set the config in the YML file. I know the issue is with the bind_password field, but I am unsure why.

Exception in thread "main" 2019-03-15 16:54:22,926 main ERROR No Log4j 2 configuration file found. Using default configuration (logging only errors to the console), or user programmatically provided configurations.

Exception in thread "main" 2019-03-15 16:54:22,926 main ERROR No Log4j 2 configuration file found. Using default configuration (logging only errors to the console), or user programmatically provided configurations.
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: SettingsException[Failed to load settings from [elasticsearch.yml]]; nested: MarkedYAMLException[while scanning a simple key
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: in 'reader', line 113, column 11:
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: bind_password:test!pass01
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: ^
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: could not find expected ':'
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: in 'reader', line 114, column 11:
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: user_search:
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: ^
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: at [Source: sun.nio.ch.ChannelInputStream@65d09a04; line: 112, column: 92]]; nested: ScannerException[while scanning a simple key
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: in 'reader', line 113, column 11:
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: bind_password:test!pass01
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: ^
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: could not find expected ':'
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: in 'reader', line 114, column 11:
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: user_search:
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: ^
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: ];
Mar 15 16:54:22 Elasticsearch-Data3 elasticsearch[3137]: at org.elasticsearch.common.settings.Settings$Builder.loadFromStream(Settings.java:1216)
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: at org.elasticsearch.common.settings.Settings$Builder.loadFromPath(Settings.java:1189)
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: at org.elasticsearch.node.InternalSettingsPreparer.prepareEnvironment(InternalSettingsPreparer.java:100)
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: at org.elasticsearch.cli.EnvironmentAwareCommand.createEnv(EnvironmentAwareCommand.java:95)
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86)
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: at org.elasticsearch.cli.Command.main(Command.java:90)
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:93)
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:86)
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: Caused by: com.fasterxml.jackson.dataformat.yaml.snakeyaml.error.MarkedYAMLException: while scanning a simple key
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: in 'reader', line 113, column 11:
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: bind_password:test!pass01
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: ^
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: could not find expected ':'
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: in 'reader', line 114, column 11:
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: user_search:
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: ^
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: at [Source: sun.nio.ch.ChannelInputStream@65d09a04; line: 112, column: 92]
Mar 15 16:54:23 Elasticsearch-Data3 elasticsearch[3137]: at com.fasterxml.jackson.dataformat.yaml.snakeyaml.error.MarkedYAMLException.from(MarkedYAMLException.java:27)
Mar 15 16:54:23 Elasticsearch-Data3 systemd[1]: elasticsearch.service: main process exited, code=exited, status=1/FAILURE
Mar 15 16:54:23 Elasticsearch-Data3 systemd[1]: Unit elasticsearch.service entered failed state.

role_mapping is not set yet, so it will fail but I would at least like to advance past the previous error. Here is the config for the test cluster.

xpack:
  security:
    authc:
      realms:
        ldap1:
          type: ldap
          order: 0
          url: "ldaps://ELK-AD.ELK.test:636"
          bind_dn: "CN=ldap,OU=IT Service Accounts,OU=Services,OU=[OurCompany],DC=Elk,DC=test"
          bind_password:test!pass01
          user_search:
            base_dn: "dc=Elk,dc=test"
            filter: "(memberOf=CN=Elastic_Engineers,OU=Services,OU=[Ourcompany],DC=Elk,DC=test)"
#          group_search:
#            base_dn: "Elk,dc=test"
          files:
            role_mapping: "ES_PATH_CONF/x-pack/role_mapping.yml"
          unmapped_groups_as_roles: false

Thanks in advance!
(finally figured out the site formatting after a ton of edits!)

(Ioannis Kakavas) #2

You need a space after : in YAML, this should be

bind_password: test!pass01
(system) closed #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.