Hi Team,
I configured shield and trying to connect from Kibana for different Active Directory group. The 1st group is working properly but when i put two roles in roles_mapping.yml file, kibana is throwing error:
And do we need to restart elasticsearch nodes after roles_mapping.yml changes? i believe NO but please confirm.
PFB error:
Error: unhandled courier request error: [security_exception] action [indices:data/read/mget] is unauthorized for user [USER-1]
at handleError (http://1.1.1.1:5601/bundles/kibana.bundle.js?v=9889:89247:23)
at DocRequest.AbstractReqProvider.AbstractReq.handleFailure (http://1.1.1.1:5601/bundles/kibana.bundle.js?v=9889:89167:15)
at http://1.1.1.1:5601/bundles/kibana.bundle.js?v=9889:89061:18
at Array.forEach (native)
at http://1.1.1.1:5601/bundles/kibana.bundle.js?v=9889:89059:19
at processQueue (http://1.1.1.1:5601/bundles/commons.bundle.js?v=9889:41836:29)
at http://1.1.1.1:5601/bundles/commons.bundle.js?v=9889:41852:28
at Scope.$eval (http://1.1.1.1:5601/bundles/commons.bundle.js?v=9889:43080:29)
at Scope.$digest (http://1.1.1.1:5601/bundles/commons.bundle.js?v=9889:42891:32)
at Scope.$apply (http://1.1.1.1:5601/bundles/commons.bundle.js?v=9889:43188:25)
roles_mapping.yml:
admin:
- "CN=gp-ops-es-admin,OU=groups,OU=ops,OU=ccs,DC=ad,DC=dsi,DC=----,DC=com"
abcdadmin: - "CN=gp------es-admin,OU=groups,OU=----,OU=ccs,DC=ad,DC=----,DC=----,DC=com"
Thanks & Regards