Authentication against Active Directory

Hi there,
I've been trying to set authentication via Active Directory / LDAP for days.

With the correct login data I get the error message:
{ "Status code" 403 "error": "Forbidden", "message": "Forbidden"}

With incorrect login data as you expected:

  • Kibana: Invalid username or password. Please try again.
  • Elasticsearch logs:
    [ep-note-1] Authentication to realm my_ad failed - authenticate failed (Caused by LDAPException (resultCode = 49 (invalid credentials), diagnosticMessage = '80090308: LdapErr: DSID-0C090400, comment: AcceptSecurityContext error, data 52e, v1db1', ldapSDKVersion = 4.0.8, revision = 28812))

My configs:

    elasticsearch.yml
    xpack:
      security:
        authc:
          realms:
            active_directory:
              my_ad:
                order: 0
                domain_name: xx.xx.xx.de
                url: ldap://ad.xx.xx.xx.de:389
                bind_dn: CN=xx,OU=xx,OU=xx,OU=xx,OU=xx,DC=xx,DC=iplan,DC=xx,DC=de
                files:
                  role_mapping: "/etc/elasticsearch/role_mapping.yml"
                unmapped_groups_as_roles: false

        xpack.license.self_generated.type: trial
        xpack.monitoring.collection.enabled: true
        xpack.security.enabled: true

    role_mapping.yml
        # Role mapping configuration file which has elasticsearch roles as keys
        # that map to one or more user or group distinguished names

        #roleA:   this is an elasticsearch role
        #  - groupA-DN  this is a group distinguished name
        #  - groupB-DN
        #  - user1-DN   this is the full user distinguished name

        #power_user:
        #  - "cn=admins,dc=example,dc=com"
        #user:
        #  - "cn=users,dc=example,dc=com"
        #  - "cn=admins,dc=example,dc=com"
        #  - "cn=John Doe,cn=other users,dc=example,dc=com"
        # 4 testing
        monitoring:
              #- "cn=admins,dc=example,dc=com"
              - "CN=Group,OU=xx,OU=xx,OU=xx,DC=xx,DC=xx,DC=xx,DC=de"

My specs: 1 x elasticsearch note, 1 x kibana note, 1 x logstash note

Pls helwwp :confused:

Hi we did fix it.
We didn't have the same roles in kibana and role_mapping.yml :slight_smile:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.