Hey,
I am trying to configure x-pack and elasticsearch to authenticate through an Active Directory.
i feel like i am missing something in my configuration.
running Centos 7 with elasticsearch 6.1.3
i added that to my elasticsearch.yml:
#------------------------------------x-pack-----------------------------------
xpack:
security:
authc:
realms:
active_directory:
type: active_directory
order: 0
domain_name: lab.proj.lan
url: ldap://192.168.0.1:389
bind_dn: CN=bindaccount,CN=Users,DC=lab,DC=proj,DC=lan
bind_password: ********
and i added this to my role_mapping.yml
monitor:
- "CN=Utilisateurs du domaine,CN=Users,DC=lab,DC=proj,DC=lan"
So when i go to localhost:9200 i get a login/password popup. is that normal ?
if i cancel i get the following:
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "missing authentication token for REST request [/?pretty]",
"header" : {
"WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
}
}
],
"type" : "security_exception",
"reason" : "missing authentication token for REST request [/?pretty]",
"header" : {
"WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
}
},
"status" : 401
}
and if i login with the Active directory account( same as in Configuration)
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "action [cluster:monitor/main] is unauthorized for user [bindaccount]"
}
],
"type" : "security_exception",
"reason" : "action [cluster:monitor/main] is unauthorized for user [bindaccount]"
},
"status" : 403
}
anyone can help ?