Ldap user unable to login after upgrade to 6.6.1

Kevin_Comer · March 5, 2019, 7:26pm

I just upgraded a test cluster and now I'm not able to login as a user which is in an ldap group for superusers.
I'm getting the error below
Error in Browser
{"message":"action [indices:data/read/search] is unauthorized for user [user123]: [security_exception] action [indices:data/read/search] is unauthorized for user [user123]","statusCode":403,"error":"Forbidden"}

I have added a superuser role_mapping in the Elastic API as well as in the /etc/elasticsearch/role_mapping.yml file

API
"superuser" : {
"enabled" : true,
"roles" : [
"superuser"
],
"rules" : {
"field" : {
"groups" : "CN=sdlc_elasticsearch_admin,OU=elk,OU=appgroups,OU=accessmgmnt,DC=something,DC=something,DC=com"
}
},
"metadata" : { }
}
}

Any Ideas how I may resolve this issue?

Brandon_Kobel · March 5, 2019, 9:24pm

Hey @Kevin_Comer, which version were you on prior to the upgrade?

Kevin_Comer · March 5, 2019, 9:38pm

6.3.2

Brandon_Kobel · March 5, 2019, 9:55pm

Are you seeing that error message directly after logging in to Kibana?

Kevin_Comer · March 5, 2019, 10:20pm

Yes I was getting this directory in the browser after logging and I was just now able to resolve this with a change in my ldap configuration.

My group search base dn changed and this test cluster did not get updated. I corrected this and now Im able to login.

Thank You

system · April 2, 2019, 10:20pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.