I have stored the active directory bind user password in elasticsearch keystore . but password not getting read from the keystore .
elasticsearch.yml settings:
xpack:
security:
authc:
realms:
native1:
type: native
order: 0
ldapad:
type: active_directory
order: 1
domain_name: domain.net
url: ["ldap://domain1.net:389","ldap://domain2.net:389"]
load_balance.type: failover
bind_dn: elkuser.001
user_search.base_dn: "OU=xxx,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=xxx"
keystore :
elastic@elkhost[bin] $ ./elasticsearch-keystore list
keystore.seed
xpack.security.authc.realms.ldapad.bind_password
elastic@elkhost[bin] $
logs:
[2018-05-24T02:23:31,564][WARN ][o.e.x.s.a.AuthenticationService] [dev-node1] Authentication to realm ldapad failed - authenticate failed (Caused by LDAPException(resultCode=89 (parameter error), errorMessage='Simple bind operations are not allowed to contain a bind DN without a password.', diagnosticMessage='Simple bind operations are not allowed to contain a bind DN without a password.'))