Shield/ldap integration

bishaka · November 18, 2016, 12:27am

Hi,
I have Kibana shielded with security plugin. I have used LDAP realm as well.
Now when I try to login with my org id and password it doesn't work.

All other credentials specified in the kibana.yml file is also failing.

Below is role_mapping.yml file
> # Role mapping configuration file which has elasticsearch roles as keys
> # that map to one or more user or group distinguished names

> #roleA:   this is an elasticsearch role
> #  - groupA-DN  this is a group distinguished name
> #  - groupB-DN
> #  - user1-DN   this is the full user distinguished name

> #power_user:
> #  - "cn=admins,dc=example,dc=com"

> #user:
> #  - "cn=users,dc=example,dc=com"
> #  - "cn=admins,dc=example,dc=com"
> #  - "cn=John Doe,cn=other users,dc=example,dc=com"

> admin:
>   cluster: all
>   indices:
>     '*': all

> admin:
>   - "cn=es_admin,ou=Users,dc=elastic,dc=co"

> kibana4_server:
>   - "cn=server,ou=Kibanas,dc=elastic,dc=co"

> kibana4:
>   - "cn=es_admin,ou=Kibanas,dc=elastic,dc=co"

thomasneirynck · November 28, 2016, 4:34pm

hi @bishaka,

what are the server logs telling you? Perhaps there is a syntax error in the config file, which would cause the configuration not to be read.

Can you also double check if the names in the config matches the LDAP distinguished names? (https://www.elastic.co/guide/en/x-pack/current/ldap-realm.html#mapping-roles-ldap)

system · December 26, 2016, 4:34pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.