ELK Platinum : Active Directory error

Elastic Stack Elasticsearch
1

Hi I have added the following config in elasticsearch.yml

xpack:
security:
authc:
realms:
active_directory:
my_ad:
order: 0
domain_name: abcd.xyz.org
url: ldap://abcd.xyz.org:389
bind_dn: nitya.raj@abcd.xyz.org
`

I have also added the xpack.security.authc.realms.active_directory.my_ad.secure_bind_password for the bind_dn.

However, I am receiving this error -

[2020-10-02T13:12:39,827][WARN ][o.e.x.s.a.AuthenticationService] [elk.org] Authentication to realm my_ad failed - authenticate failed (Caused by LDAPException(resultCode=49 (invalid credentials), diagnosticMessage='80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580 ', ldapSDKVersion=4.0.8, revision=28812))
Could someone guide me in this?

2

This means that a bind to the AD failed because of wrong credentials. This can be caused either by the bind_dn or password being wrong, or because the username or the password of the user with which you attempt to authenticate is wrong. Can you enable debug logging with

curl -uelastic -XPUT '<your_fqdn>:9200/_cluster/settings?pretty' -H 'Content-Type: application/json' -d'
{
  "transient": {
    "logger.org.elasticsearch.xpack.security.authc.ldap": "TRACE"
  }
}

and also let us know how you are trying to authenticate ? What are you passing as a username ?

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.