Failed to authenticate user [kibana]

Hello all,

I copied the data from one elastic server to new elastic server facing the authentication issue .

    [2017-10-23T22:06:55,326][WARN ][o.e.x.s.a.AuthenticationService] [Z4Il9_V] An unexpected error occurred while attempting to authenticate [kibana] against realm [reserved]
org.elasticsearch.ElasticsearchSecurityException: failed to authenticate user [kibana]
	at org.elasticsearch.xpack.security.support.Exceptions.authenticationError(Exceptions.java:39) ~[?:?]
	at org.elasticsearch.xpack.security.authc.esnative.ReservedRealm.lambda$null$2(ReservedRealm.java:106) ~[?:?]
	at org.elasticsearch.xpack.security.authc.esnative.ReservedRealm.lambda$doAuthenticate$3(ReservedRealm.java:110) ~[?:?]
	at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:59) ~[elasticsearch-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.esnative.ReservedRealm.getUserInfo(ReservedRealm.java:214) ~[x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.esnative.ReservedRealm.doAuthenticate(ReservedRealm.java:89) ~[x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.support.CachingUsernamePasswordRealm.doAuthenticateAndCache(CachingUsernamePasswordRealm.java:141) ~[x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.support.CachingUsernamePasswordRealm.authenticateWithCache(CachingUsernamePasswordRealm.java:107) ~[x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.support.CachingUsernamePasswordRealm.authenticate(CachingUsernamePasswordRealm.java:92) ~[x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$consumeToken$10(AuthenticationService.java:264) ~[x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.common.IteratingActionListener.run(IteratingActionListener.java:93) ~[x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.consumeToken(AuthenticationService.java:288) ~[x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$extractToken$6(AuthenticationService.java:239) ~[x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.extractToken(AuthenticationService.java:247) ~[x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$authenticateAsync$0(AuthenticationService.java:194) ~[x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$lookForExistingAuthentication$2(AuthenticationService.java:212) ~[x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lookForExistingAuthentication(AuthenticationService.java:224) [x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.authenticateAsync(AuthenticationService.java:190) [x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.access$000(AuthenticationService.java:147) [x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.authc.AuthenticationService.authenticate(AuthenticationService.java:100) [x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.xpack.security.rest.SecurityRestFilter.handleRequest(SecurityRestFilter.java:78) [x-pack-5.4.0.jar:5.4.0]
	at org.elasticsearch.rest.RestController.dispatchRequest(RestController.java:260) [elasticsearch-5.4.0.jar:5.4.0]

Any help should be appreciated.

I move your question to #x-pack.

Can you provide more details?

• How did you copy the data?
• Did you copy the .security index also?
• Is this error being caused by a Kibana server, or through manual testing?
• Is it only the kibana user that is failing, or is elastic failing as well?
• Was the old server using the default changeme password, or had you changed it?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.