How to grant superuser permission to ladp user

Hello,
I installed x-pack plugin to elasticsearch as well as kibana. I setup ldap realm for authentication purpose. The ldap user is able to login to kibana but unable to perform any other activity such as clicking on Management or Dev tools only show white page and clicking on Monitoring show access_denied message.

I have following in my role_mapping.yml
superuser:

  • "cn=Shah, Bhavik,ou=XXX,ou=yyy,ou=01_Users,dc=zzz,dc=bbb,dc=com"
  • "cn=test-admins,ou=ccc,ou=XXX,ou=ccc,dc=zzz,dc=bbb,dc=com"
    still I am not able to use the api or kibana to manage the cluster

The most likely cause is the role is not being mapped. When escaping a value, I believe you need to use single quotes in the role mapping. You can try changing that and see if it works. Also, I suggest you use the authenticate API so that you can see what roles the user has.

If that doesn't work then you will need to troubleshoot what is being returned by LDAP.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.