LDAP type is not supported - ERROR

security

(Ail) #1

Hi, I am facing an issue with setting up shield integration with my LDAP.
I have elasticsearch v1.7.5
My elasticsearch.yaml:
...
shield.authc:
realms:
realm1:
type: ldap
order: 1
url: ""
bind_dn: ""
bind_password:
files:
role_mapping: "...elasticsearch17/1.7.5/config/shield/role_mapping.yml"

When I restart my elasticsearch, I get:

[2016-03-21 13:10:36,902][INFO ][node ] [Gazelle] version[1.7.5], pid[17791], build[00f95f4/2016-02-02T09:55:30Z]
[2016-03-21 13:10:36,902][INFO ][node ] [Gazelle] initializing ...
[2016-03-21 13:10:36,994][INFO ][plugins ] [Gazelle] loaded [license, shield], sites []
[2016-03-21 13:10:37,025][INFO ][env ] [Gazelle] using [1] data paths, mounts [[/ (/dev/disk1)]], net usable_space [229.3gb], net total_space [464.8gb], types [hfs]
[2016-03-21 13:10:37,306][INFO ][transport ] [Gazelle] Using [org.elasticsearch.shield.transport.ShieldServerTransportService] as transport service, overridden by [shield]
[2016-03-21 13:10:37,306][INFO ][transport ] [Gazelle] Using [org.elasticsearch.shield.transport.netty.ShieldNettyTransport] as transport, overridden by [shield]
[2016-03-21 13:10:37,306][INFO ][http ] [Gazelle] Using [org.elasticsearch.shield.transport.netty.ShieldNettyHttpServerTransport] as http transport, overridden by [shield]
{1.7.5}: Initialization Failed ...

  1. ElasticsearchIllegalArgumentException[no type support [ldap]]

Any ideas, what I am missing?

Thanks.


(Jay Modi) #2

That exception doesn't look like one that shield would throw in this case. Can you confirm that your yaml formatting is correct and you do not have any tabs in your config file? Without the proper formatting, this will not be read properly.


(Ail) #3

Thanks for replying. I fixed the format and seems to be working now.


(Ail) #4

shield.authc.realms.realm1.type: ldap
shield.authc.realms.realm1.order: 1
shield.authc.realms.realm1.url: ""
shield.authc.realms.realm1.bind_dn: ""
shield.authc.realms.realm1.bind_password:
shield.authc.realms.realm1.files.role_mapping: "/usr/local/Cellar/elasticsearch17/1.7.5/config/shield/role_mapping.yml"

However, I am still getting this error: ShieldSettingsException[configured LDAP protocols are not all equal (ldaps://.. and ldap://..): [ldap://10.21.9...

This is an issue on my side, no worries. Thanks a lot


(system) #5