Shield/ldap integration

security

(bowow) #1

Hi,
I have Kibana shielded with security plugin. I have used LDAP realm as well.
Now when I try to login with my org id and password it doesn't work.

All other credentials specified in the kibana.yml file is also failing.

Below is role_mapping.yml file
> # Role mapping configuration file which has elasticsearch roles as keys
> # that map to one or more user or group distinguished names

> #roleA:   this is an elasticsearch role
> #  - groupA-DN  this is a group distinguished name
> #  - groupB-DN
> #  - user1-DN   this is the full user distinguished name

> #power_user:
> #  - "cn=admins,dc=example,dc=com"

> #user:
> #  - "cn=users,dc=example,dc=com"
> #  - "cn=admins,dc=example,dc=com"
> #  - "cn=John Doe,cn=other users,dc=example,dc=com"

> admin:
>   cluster: all
>   indices:
>     '*': all

> admin:
>   - "cn=es_admin,ou=Users,dc=elastic,dc=co"

> kibana4_server:
>   - "cn=server,ou=Kibanas,dc=elastic,dc=co"

> kibana4:
>   - "cn=es_admin,ou=Kibanas,dc=elastic,dc=co"

(Thomas Neirynck) #2

hi @bishaka,

what are the server logs telling you? Perhaps there is a syntax error in the config file, which would cause the configuration not to be read.

Can you also double check if the names in the config matches the LDAP distinguished names? (https://www.elastic.co/guide/en/x-pack/current/ldap-realm.html#mapping-roles-ldap)


(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.