Hello!
Please help with this problem!
Objective: to implement login to Kibana through authentication in Active Directory.
Elasticsearch and Kibana version: 7.12.0
elasticsearch.yml:
```yaml
node.name: node2
node.roles: [ master, ingest, ml ]
http.max_content_length: 200MB
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch
path.repo: /opt/elastic/backups
network.host: 127.0.0.1
transport.host: ...
discovery.zen.ping.unicast.hosts: ...
discovery.zen.minimum_master_nodes: 2
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: config/certs/node2-cert.p12
xpack.security.transport.ssl.truststore.path: config/certs/elastic-stack-ca.p12
xpack:
  security:
    authc:
      realms:
        native:
          native1:
            order: 0
        active_directory:
          ad1:
            order: 1
            domain_name: DOMAIN
            url: ldap://domain.com:389
            user_search:
              base_dn: "cn=users,dc=domain,dc=com"
            group_search:
              base_dn: "cn=users,dc=domain,dc=com"
            files:
              role_mapping: "/etc/elasticsearch/role_mapping.yml"
```
role_mapping.yml:
```yaml
superuser:
  - "cn=users,dc=domain,dc=com"
```
The ldapsearch command successfully connects via LDAP to Active Directory:
```sh
ldapsearch -x -LLL -h domain.com -D user_test@DOMAIN -w "password" -b"cn=users,dc=domain,dc=com" -s sub "(objectClass=user)"
```
I check it with this test and it doesn't work:
```sh
curl -u user_test@DOMAIN "http://localhost:9200/_cat/nodes?pretty"
```
I am getting an error like this:
```
[2021-04-12T01:44:16,898][WARN ][o.e.x.s.a.AuthenticationService] [node2] Authentication to realm ad1 failed - authenticate failed (Caused by ElasticsearchSecurityException[search for user [user_test@DOMAIN] by principal name yielded no results])
```
Complete log is as follows:
```
[2021-04-12T01:44:16,897][TRACE][o.e.x.s.a.l.s.LdapUtils ] [node2] LDAP bind [SimpleBindRequest(dn='user_test@DOMAIN', controls={AuthorizationIdentityRequestControl(isCritical=false)})] succeeded for [LDAPConnection(connected to domain.com:389)]
[2021-04-12T01:44:16,898][TRACE][o.e.x.s.a.l.s.LdapUtils ] [node2] LDAP Search SearchRequest(baseDN='cn=users,dc=domain,dc=com', scope=SUB, deref=NEVER, sizeLimit=0, timeLimit=5, filter='(&(objectClass=user)(userPrincipalName=user_test@DOMAIN))', attrs={1.1}) => SearchResult(resultCode=0 (success), messageID=2, entriesReturned=0, referencesReturned=0) ([])
[2021-04-12T01:44:16,898][WARN ][o.e.x.s.a.AuthenticationService] [node2] Authentication to realm ad1 failed - authenticate failed (Caused by ElasticsearchSecurityException[search for user [user_test@DOMAIN] by principal name yielded no results])
```