We are expecting that the LDAP connection closes after the authentication search but it is not happening.
This is what we would want to see in the logs:

```
[logs]$ grep conn=1138167 access
CONNECT conn=1138167 from=XXXXXXXXX to=XXXXXXXXX:XXXX protocol=LDAPS
BIND REQ conn=1138167 op=0 msgID=1 type=SIMPLE dn="cn=XXXXXX,ou=users,o=XXXXXXXXX" version=3
BIND RES conn=1138167 op=0 msgID=1 result=0 authDN="cn=XXXXXX,ou=users,o=XXXXXXXX" etime=1
DISCONNECT conn=1138167 reason="Client Disconnect"
```
This is the config that we are using for LDAP connectivity:

```yaml
xpack:
  security:
    authc:
      realms:
        ldap:
          ldap1:
            bind_dn: cn=XXXXXXX,ou=XXX,ou=apps,o=XXXXXXXXXXXXXXX
            group_search:
              base_dn: ou=XXX,ou=apps,o=XXXXXXXXXXXXXXX
              filter: uniqueMember={0}
            order: 0
            ssl:
              certificate_authorities:
                - /etc/elasticsearcarch/ELK-LDAP.pem
            unmapped_groups_as_roles: false
            url: ldaps://XXXXXXXXXXXXXXXXXXX
            user_search:
              base_dn: ou=users,o=XXXXXXXXXXXXXXX
              filter: (&(objectclass=scbperson)(|((ismemberof=cn=XXXXXXXX,ou=XXX,ou=apps,o=XXXXXXXXXXXXXXX))(cn={0}))
        native:
          realm1:
            order: 1
```