Here is where I am at ::
- I visit the ELK URL and am presented with a login screen (Shield login)
- I enter wrong AD credentials to verify it is contacting the domain controller and authenticating correctly, this is proven true due to the fact it rejects wrong credentials but accepts correct ones
- After I enter correct credentials, it brings me to the 'Server Status' page where all services are in 'Ready' status EXCEPT for plugin:elasticsearch which says 'Authentication Exception' and plugin:marvel 'Waiting for Elasticsearch'
Here is what is in my elasticsearch.yml ::
shield.authc.realms:
active_directory:
type: active_directory
domain_name: mydomain.com
unmapped_groups_as_roles: true
url: ldap://my-dc.mydomain.com
I have the elasticsearch.username and elasticsearch.password commented out in my kibana.yml file, currently. I am not sure what to put for these as I am integrating with AD. Might be a problem, might not be, I am not sure at this time.
In role-mapping.yml, I do have the correct DistinguishedName to the OU the users are in, in AD, for authentication.
I can verify the shield plugin as well as license are installed on all four of my nodes.