Is there a procedure on integrating wazuh with ldap?

nour.megahed · November 18, 2021, 6:50pm

is there a procedure on integrating wazuh with ldap?

danisan · November 26, 2021, 6:22pm

Hello Nour,

If you are running Wazuh with OpenDistro , you can follow this documentation page.

You will need a valid user with the necessary permissions to do the user search inside the LDAP users, and set those credentials inside /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/config.yml

Then, you will need to execute the securityadmin script so the new settings take place:

cd /usr/share/elasticsearch/plugins/opendistro_security/tools
./securityadmin.sh -f ../securityconfig/config.yml -icl -nhnv -cert /etc/elasticsearch/kirk.pem -cacert /etc/elasticsearch/root-ca.pem -key /etc/elasticsearch/kirk-key.pem -t config

Reference: Apply Changes with securityadmin.sh - Open Distro Documentation

Once that is done, you should be able to login into Kibana with your LDAP users and assign permissions to them.
Hope this helps.

system · December 24, 2021, 6:23pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
All-in-one deployement of Wazuh Elasticsearch	3	683	April 25, 2021
WAZUH OSSEC Plugin / intgeration with ELK Elasticsearch	5	2601	January 21, 2019
Threat intelligence Elastic Security	8	742	April 19, 2023
Audit logging Kibana elastic-stack-security	6	345	June 3, 2022
Kibana external plugin does not work after enabling security Kibana	4	444	January 15, 2020

Is there a procedure on integrating wazuh with ldap?

Related topics