Hi there,
I have successfully added xpack to EL and Kibana, and all my traffic is happening via SSL, so far so good.
I am having problems when adding LDAP for authentication tho.
I can authenticate on Kibana, but i get a blank page, i can only see the left menu and the logo, nothing else.
When i authenticate to EL via API, I can search,etc. I have added my user to the 'superuser' role, but the result is the same.
EL 5.3.0
Kibana 5.3.0
Here is my config:
xpack.security.authc:
realms:
file:
type: file
order: 0
native:
type: native
order: 1
ldap:
type: ldap
order: 2
enabled: true
url: "ldaps://ldap:636/"
ssl.key: "/etc/elasticsearch/certs/cert.key"
ssl.certificate: "/etc/elasticsearch/certs/cert.crt"
ssl.certificate_authorities: [ "/etc/elasticsearch/certs/cert.ca" ]
user_search:
base_dn: "ou=People,dc=example,dc=com"
attribute: uid
group_search:
base_dn: "ou=People,dc=example,dc=com"
files:
role_mapping: "/etc/elasticsearch/x-pack/role_mapping.yml"
-- role_mapping.yml
superuser:
- "uid=adminUser,ou=People,dc=example,dc=com"
kibana_user: - "ou=People,dc=example,dc=com"
monitoring_user: - "ou=People,dc=example,dc=com"
user: - "ou=People,dc=example,dc=com"
- "uid=myUser,ou=People,dc=example,dc=com"
USER role:
{
"cluster": [ "all" ],
"indices": [
{
"names": [ "events-", "journal", "filebeat*", "%{[@metadata]*" ],
"privileges": [ "read" ]
}
]
}
Authenticating to EL:
curl -u myUser https://elasticsearch01:9200/_xpack/security/_authenticate
Enter host password for user 'myUser':
{"username":"myUser","roles":["user"],"full_name":null,"email":null,"metadata":{},"enabled":true}[
Not adminUser or myUser can see anything when loggin in to kibana. (other than the menu)
I have tried adding myUser to kibana_role and monitoring_role, but that doesn't change anything,
and i understood that it should be enough with the DN string being added to the role.
Hope you can help.
Thanks
Laura