Issue on Elasticsearch authenication using Active directory

Hi there,

I'm new to Elastic stack and I'm trying to use AD authentication in ES, by the way I have just the basic license. After configuring my ES with the following configuration :

elasticsearch.yml

xpack.security.enabled: true

xpack:
security:
authc:
realms:
active_directory:
my_ad:
order: 0
domain_name: ldap.xxxx.fr
url: ldaps://ldap.xxxx.fr:3268

role_mapping.yml

user:

  • "CN=xxxxxxxxxxxx,OU=Administrators,DC=aaaaa,DC=eeeee,DC=net"

I tried to access ES but it didn't accept my credentiels, when I saw the logs I found the following messages :
[2019-09-19T15:49:47,820][ERROR][o.e.x.s.a.e.NativeUsersStore] [FR-L-H741JR2] security index is unavailable. short circuiting retrieval of user [xxxxxxxxxx]
[2019-09-19T15:49:47,821][WARN ][o.e.x.s.a.AuthenticationService] [FR-L-H741JR2] Authentication failed using realms [reserved/reserved,file/default_file,native/default_native]. Realms [active_directory/my_ad] were skipped because they are not permitted on the current license

1- Am I supposed to create an index or something like that ?
2- Does my current Basic license allow me to do what I want to do ?

Thanks in advance for your help.

Hi @karimkun

[2019-09-19T15:49:47,821][WARN ][o.e.x.s.a.AuthenticationService] [FR-L-H741JR2] Authentication failed using realms [reserved/reserved,file/default_file,native/default_native]. Realms [active_directory/my_ad] were skipped because they are not permitted on the current license

From this log it should be clear, that authentication based on Active Directory is not permitted with your current license. As written on this site (click "Expand all features") you need at least the Gold license. But you can have a free trial month.

Hope this helps.

MiTschMR

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.