Failed to authenticate user with ldap realm using role mapping api

Hi all,
Currently i have successfully tried to authen to elastic with ldap, but i used the role_mapping file, i was tesing with using the role mapping api but it is not working.
When i turn on the authen debug log then when ever i authen i get this log:

Authentication of [admin] using realm [ldap/ldap1] with token [UsernamePasswordToken] was [AuthenticationResult{status=CONTINUE, user=null, message=null, exception=null}]

The api call i tried was:

POST /_security/role_mapping/test
{
  "roles" : [ "superuser" ],
  "rules" : { "any" : [
      { "field" : { "dn" : "CN=admin,OU=IT,DC=ABC,DC=COM" } }
  ] },
  "enabled": true
}

Can some one point out to me what when wrong.
One note is that on the ldap realm i config the server to authen with sAMAccountName, i dont know if that is the problems.

That log message indicates that your LDAP realm is not authenticating the user. That means that this problem has nothing to do with role mapping, and is almost certainly a configuration problem in your LDAP realm.

You should turn on trace logging for the LDAP realm:

PUT _cluster/settings
{
  "transient": {
    "logger.org.elasticsearch.xpack.security.authc.ldap": "TRACE"
  }
}

The config i have for the role_mapping.yml file works for the authenticate so i dont thinks there is a problems with the config of ldap

I second Tim's comment. Please do what we suggest, we only try to assist you here but you need to be willing to work with us.

I am so sorry i have figure out the problems, the search user in the config file and the dn in the api are not the same so it cannot authenticate, but now that i have change the dn of the api, it works now
So thanks for your help.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.