I have a question, can I take the ldap attribute to create a role map? and the following is the ldap configuration in elasticsearch.yml

xpack:
security:
authc:
realms:
ldap:
ldap1:
order: 0
url: "ldap://xxx.xxx.xxx.xxx:389"
bind_dn: "uid=xxxxx,ou=accounts,o=xxx,dc=xx,dc=xx"
#user_search.attribute: "branchalias"
#user_group_attribute: "branchalias"
group_search.user_attribute: "branchalias"
#user_dn_templates:
#-"ou=accounts,o=xxx,dc=xxx,dc=xxx"
#-"uid={0},ou=xxxxx,o=xxx,dc=xxx,dc=xxx"
#attribute: "uid"
user_search:
base_dn : "ou=accounts,o=xxx,dc=co,xxx=xxx"
#filter: "(uid={0})"
#attribute: "branchalias"
#group_search:
#base_dn: "ou=accounts,o=xxx,dc=xxx,dc=xxx"
files:
role_mapping: "/etc/elasticsearch/role_mapping.yml"
#unmapped_groups_as_roles: false
#metadata :
# - branchalias
#- uid
#- elasticrole
#- ldap_dn
#- ldap_groups

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.