What I would do is make sure the Elasticsearch configuration working first.
What I mean setup the elasticsearch portion of the LDAP
Start Elasticsearch and make sure there are no errors in the logs
Then use a tool like Postman POST / GET and API request into Elasticsearch using the API like a simple search.
If it fails look closely at the error and continue to fix the configuration.
When I experimented in the past I often found the filters etc were the issue If I recall
example looking at your vs my old sample the user filter was
so you should not be using SAML in Kibana In fact you may have had Kibana correct before you changed it
To successfully log in to Kibana, basic authentication requires a username and password. Basic authentication is enabled by default, and is based on the Native, LDAP, or Active Directory security realm that is provided by Elasticsearch. The basic authentication provider uses a Kibana provided login form, and supports authentication using the Authorization request header Basic scheme.
AND another important thing, please post the logs from Elasticsearch there is good data ... like I am testing and I got this...
[2023-02-27T10:23:41,220][WARN ][o.e.x.s.a.RealmsAuthenticator] [hyperion] Authentication failed using realms [reserved/reserved,file/default_file,native/default_native]. Realms [ldap/ldap1] were skipped because they are not permitted on the current license
Because I am running a basic license ... LDAP / SAML requires a license...do you have one if not you can turn on a trial license!
And then I forgot to add the bind dn password in the key store
[2023-02-27T10:28:08,600][WARN ][o.e.x.s.a.RealmsAuthenticator] [hyperion] Authentication to realm ldap1 failed - authenticate failed (Caused by LDAPException(resultCode=89 (parameter error), diagnosticMessage='Simple bind operations are not allowed to contain a bind DN without a password.', ldapSDKVersion=6.0.3, revision=405ee52a554f9867e81d4598a5b2f97beabeb29a))
So I had to run this per the docs
The password for the bind_dn user should be configured by adding the appropriate secure_bind_password setting to the Elasticsearch keystore. For example, the following command adds the password for the example realm above:
The curl command looks proper so you got that right.
But it simply not authenticating which means the user and password are not found or incorrect etc.
I do not have a magic way to debug this.
I think the next step is You need to look at the elastic logs at the same time that you run this command.
Probably put the logging level as debug and then run this command and it should provide more information.