Ldap Authorization from certain OU

Hi all.
The question is how to properly configure the config for authorization through LDAP so that you can specify certain OU ( Organizational Unit ) from which users can log in ?

As I understood from the article, this setting is needed.
Through user_dn_templates

xpack:
security:
authc:
realms:
ldap:
ldap1:
order: 0
url: "ldaps://ldap.example.com:636"
user_dn_templates:
- "cn={0}, ou=users, o=marketing, dc=example, dc=com"
- "cn={0}, ou=users, o=engineering, dc=example, dc=com"
group_search:
base_dn: "dc=example,dc=com"
files:
role_mapping: "/mnt/elasticsearch/group_to_role_mapping.yml"
unmapped_groups_as_roles: false

In my config the full canonical name (OU) in my config.
But when I try to login via LDAP, the answer comes - wrong password or name

In the Mapping rules settings, I also specify the full name of the OU.
I also tried with different User field

But I still get an error while logging in - wrong password or name.
Password and user are 100% correct.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.