Hi there,
I've been trying to set authentication via Active Directory / LDAP for days.
With the correct login data I get the error message:
{ "Status code" 403 "error": "Forbidden", "message": "Forbidden"}
With incorrect login data as you expected:
- Kibana: Invalid username or password. Please try again.
- Elasticsearch logs:
[ep-note-1] Authentication to realm my_ad failed - authenticate failed (Caused by LDAPException (resultCode = 49 (invalid credentials), diagnosticMessage = '80090308: LdapErr: DSID-0C090400, comment: AcceptSecurityContext error, data 52e, v1db1', ldapSDKVersion = 4.0.8, revision = 28812))
My configs:
elasticsearch.yml
xpack:
security:
authc:
realms:
active_directory:
my_ad:
order: 0
domain_name: xx.xx.xx.de
url: ldap://ad.xx.xx.xx.de:389
bind_dn: CN=xx,OU=xx,OU=xx,OU=xx,OU=xx,DC=xx,DC=iplan,DC=xx,DC=de
files:
role_mapping: "/etc/elasticsearch/role_mapping.yml"
unmapped_groups_as_roles: false
xpack.license.self_generated.type: trial
xpack.monitoring.collection.enabled: true
xpack.security.enabled: true
role_mapping.yml
# Role mapping configuration file which has elasticsearch roles as keys
# that map to one or more user or group distinguished names
#roleA: this is an elasticsearch role
# - groupA-DN this is a group distinguished name
# - groupB-DN
# - user1-DN this is the full user distinguished name
#power_user:
# - "cn=admins,dc=example,dc=com"
#user:
# - "cn=users,dc=example,dc=com"
# - "cn=admins,dc=example,dc=com"
# - "cn=John Doe,cn=other users,dc=example,dc=com"
# 4 testing
monitoring:
#- "cn=admins,dc=example,dc=com"
- "CN=Group,OU=xx,OU=xx,OU=xx,DC=xx,DC=xx,DC=xx,DC=de"
My specs: 1 x elasticsearch note, 1 x kibana note, 1 x logstash note
Pls helwwp 
