LDAP type is not supported - ERROR

Yaseen · March 21, 2016, 12:24pm

Hi, I am facing an issue with setting up shield integration with my LDAP.
I have elasticsearch v1.7.5
My elasticsearch.yaml:
...
shield.authc:
realms:
realm1:
type: ldap
order: 1
url: ""
bind_dn: ""
bind_password:
files:
role_mapping: "...elasticsearch17/1.7.5/config/shield/role_mapping.yml"

When I restart my elasticsearch, I get:

[2016-03-21 13:10:36,902][INFO ][node ] [Gazelle] version[1.7.5], pid[17791], build[00f95f4/2016-02-02T09:55:30Z]
[2016-03-21 13:10:36,902][INFO ][node ] [Gazelle] initializing ...
[2016-03-21 13:10:36,994][INFO ][plugins ] [Gazelle] loaded [license, shield], sites []
[2016-03-21 13:10:37,025][INFO ][env ] [Gazelle] using [1] data paths, mounts [[/ (/dev/disk1)]], net usable_space [229.3gb], net total_space [464.8gb], types [hfs]
[2016-03-21 13:10:37,306][INFO ][transport ] [Gazelle] Using [org.elasticsearch.shield.transport.ShieldServerTransportService] as transport service, overridden by [shield]
[2016-03-21 13:10:37,306][INFO ][transport ] [Gazelle] Using [org.elasticsearch.shield.transport.netty.ShieldNettyTransport] as transport, overridden by [shield]
[2016-03-21 13:10:37,306][INFO ][http ] [Gazelle] Using [org.elasticsearch.shield.transport.netty.ShieldNettyHttpServerTransport] as http transport, overridden by [shield]
{1.7.5}: Initialization Failed ...

ElasticsearchIllegalArgumentException[no type support [ldap]]

Any ideas, what I am missing?

Thanks.

jaymode · March 21, 2016, 12:46pm

That exception doesn't look like one that shield would throw in this case. Can you confirm that your yaml formatting is correct and you do not have any tabs in your config file? Without the proper formatting, this will not be read properly.

Yaseen · March 21, 2016, 1:24pm

Thanks for replying. I fixed the format and seems to be working now.

Yaseen · March 21, 2016, 1:25pm

shield.authc.realms.realm1.type: ldap
shield.authc.realms.realm1.order: 1
shield.authc.realms.realm1.url: ""
shield.authc.realms.realm1.bind_dn: ""
shield.authc.realms.realm1.bind_password:
shield.authc.realms.realm1.files.role_mapping: "/usr/local/Cellar/elasticsearch17/1.7.5/config/shield/role_mapping.yml"

However, I am still getting this error: ShieldSettingsException[configured LDAP protocols are not all equal (ldaps://.. and ldap://..): [ldap://10.21.9...

This is an issue on my side, no worries. Thanks a lot