LDAP authentication error

Hi all
I have a little problems with authenticate to ldap server,
i set it to work already but sometime the authen give me an error timeout,
and all the time all of our account have to wait for some time to log in the server.
Can anyone give me some ways to fix this problems.
Thanks you for your time.

What version are you on?
What does your config look like?
What are the errors you are seeing?
What do the Elasticsearch logs show?

  • The version iam using is 7.9.0
  • The config is like this : (some info will be blank for security reason as i hope you can understand)
xpack:
  security:
    authc:
      realms:
        ldap:
          ldap1:
            order: 0
            url: ldap://:389
            bind_dn: ""
            user_search:
              base_dn: ""
              filter: "(&(objectClass=User)(cn={0}))"
            group_search:
              base_dn: ""
            files:
              role_mapping: "/etc/elasticsearch/role_mapping.yml"
            unmapped_groups_as_roles: false
        native:
          native1:
            order: 1
  • The error from the log that i see are
com.unboundid.ldap.sdk.LDAPException: The asynchronous operation encountered a client-side timeout a
fter waiting 5000 milliseconds for a response to arrive.

com.unboundid.ldap.sdk.LDAPException: An error occurred while attempting to connect to server Domain
DnsZones.TE.TEST.VN:389:  IOException(LDAPException(resultCode=91 (connect error), errorMessage='Unab
le to establish a connection to server DomainDnsZones.TE.TEST.VN/192.168.0.1:389 within the configure
d timeout of 5000 milliseconds.', ldapSDKVersion=4.0.8, revision=28812))

Have you raised this question with your Elastic support contact?

I haven't since this is only an testing cluster to test new feature and it is trial license.

Ok no worries, thought that was the case but wanted to make sure.

Do you have access to the LDAP server logs at the time of these timeouts to see if there is anything that correlates? Do you have a firewall or anything in between the systems that might be causing a disconnect?

Unfortunately i do not have the account on the ldap server so i cannot view the log there, are there any other ways for me to troubleshoot this problems.