I am trying to map a kibana role with active directory users. The ad users assigned to the role can see the index but cannot see any data within the index itself.
I have mirrored a working role with the exact same settings in kibana management role like so:
The security group is added within Active directory as well and active directory users added to that security group. When these users sign into Kibana, they can see the index name but they cant see any data. Again it is setup as exactly as the same as other working roles
Am I missing something? Do I need to restart elasticsearch service after changes to the role_mapping.yml file?
I suspect you simply mean that they can see the Kibana index pattern. There is no security about index patterns (except within Kibana spaces), so this probably means that your users are not being granted the role you expect.
No, if it is correctly configured, it will be loaded automatically after it is modified. You do need to change it on every node though...
I suspect this is the problem. You cannot simply edit the file on the master node, it needs to exist on every node that can perform authentication (which is most clusters is every node).
I can see the index pattern with log data but other users cant.
ahhh okay in this case I only made the change in the master nodes and not data nodes. That would probably explain it. I will make the change there and see. Thanks.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
