hello guys, I've been trying to set up authorization for a domain controller for a very long time and everything has failed, I've read a lot of topics and can't find an answer, help me)
telnet domain:389 successful
logger.org.Elasticsearch.discovery: DEBUG
xpack.security.enabled: true
xpack:
security:
authc:
realms:
ldap:
ldap1:
order: 0
url: "ldap://10.102.5.101:389"
bind_dn: "cn=s-kibana,ou=Users,ou=MCREDIT,dc=mgc,dc=local"
bind_password: 123qweASD
user_search:
base_dn: "dc=mgc,dc=local"
filter: "(cn={0})"
group_search:
base_dn: "dc=mgc,dc=local"
files:
role_mapping: "/etc/Elasticsearch/role_mappings.yml"
unmapped_groups_as_roles: false
My file, also for roles file
superuser:
- cn=kibana-users,cn=Groups,cn=DC,dc=mgc,dc=local
- cn=DDenisov-adm,cn=Admins-Accounts,cn=Users,cn=MIGCREDIT,dc=mgc,dc=local
user: - "cn=kibana-users,cn=Groups,cn=DC,dc=mgc,dc=local"
I'm trying to log in as a user who is in kibana-users and under my DDenisov-adm account, but I get an error 403
I don't see errors in the Elasticsearch log, I also turned on the debug, but it didn't help to see the errors
I logged in to kibana under the Elasticsearch user and there are no errors in the role-mapping, I don’t know what to do anymore) please help