Shield unable to authenticate user to active directory domain

security

(Sivashankar Bhaskaran) #1

I have Elasticsearch installed and running, and I wanted to install Shield and authenticate via Active Directory.
I followed all the steps given here: https://www.elastic.co/guide/en/shield/current/active-directory-realm.html

Basically I did the following:
- set up an Elasticsearch administrative user in Active Directory Users
- updated the elasticsearch.yml

    #-----SHIELD CONFIG------
    shield:
      authc:
        realms:
          active_directory:
            type: active_directory
            order: 0
            domain_name: <domain.name>
            url: ldap://<domain.name>:5601
            unmapped_groups_as_roles: true

- updated the role_mapping.yml
- restarted Elasticsearch

Getting the following error:
Aug 4 19:24:34 wlielastict01 elasticsearch: [2016-08-04 19:24:34,543][WARN ][shield.authc.activedirectory] [cignanz-elk-test-wlielastict01] authentication failed for user [admin]: unable to authenticate user [admin] to active directory domain [asia.intl.cigna.com]
Aug 4 19:24:34 wlielastict01 elasticsearch: cause: com.unboundid.ldap.sdk.LDAPException: A client-side timeout was encountered while waiting 5000ms for a response to simple bind request with message ID 1 for user 'admin@asia.intl.cigna.com' from server wlielastict01.asi

Can anyone suggest whether I am missing something here?

Thanks in advance


(Tanguy) #2

Hi,

It seems your LDAP server is not responding. You should check the connection between your elasticsearch nodes and the LDAP server.


(Sivashankar Bhaskaran) #3

Thanks for the response, Tanguy.
When you say connection issue between Elasticsearch nodes and the LDAP server, does it mean the Shield config is not correct? Or is it something to do with the Active Directory setup?


(Tanguy) #4

Maybe both. I suggest you check the connectivity between your elasticsearch nodes and your LDAP server. Once that is done, check your Shield configuration again (see https://www.elastic.co/guide/en/shield/2.3/ldap-realm.html); you might need to configure bind_dn, bind_password, user_search, etc.
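
One way to run the connectivity check suggested in post #4, as an added example that is not part of the original thread or of Shield. It goes beyond a bare TCP test because the log above shows a timeout while waiting for a bind response, so it also checks whether the endpoint answers an anonymous LDAP bind. The function names `endpoint`, `is_bind_response` and `probe` are hypothetical, and the 5 second default mirrors the 5000ms in the log.

```python
import socket
from urllib.parse import urlparse

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}
# BER-encoded LDAPv3 anonymous simple BindRequest, message ID 1
ANON_BIND = bytes.fromhex("300c020101600702010304008000")


def endpoint(url):
    """Split a realm url such as ldap://host:389 into (scheme, host, port)."""
    u = urlparse(url.strip())
    if u.scheme not in DEFAULT_PORTS or not u.hostname:
        raise ValueError(f"not an ldap:// or ldaps:// url: {url!r}")
    return u.scheme, u.hostname, u.port or DEFAULT_PORTS[u.scheme]


def is_bind_response(reply):
    """True if reply starts with LDAPMessage { messageID, BindResponse [APPLICATION 1] }."""
    try:
        if reply[0] != 0x30:
            return False
        i = 2 + (reply[1] & 0x7F if reply[1] & 0x80 else 0)  # skip short or long-form length
        return reply[i] == 0x02 and reply[i + 2 + reply[i + 1]] == 0x61
    except IndexError:
        return False


def probe(url, timeout=5.0):
    """Return ldap, not-ldap, silent, tcp-open, refused, connect-timeout or 'error: ...'."""
    scheme, host, port = endpoint(url)
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except socket.timeout:
        return "connect-timeout"  # packets dropped: firewall or routing
    except ConnectionRefusedError:
        return "refused"          # host reachable, nothing listening on that port
    except OSError as exc:
        return f"error: {exc}"    # e.g. DNS resolution failure
    with sock:
        if scheme == "ldaps":
            return "tcp-open"     # TLS handshake is not attempted here
        try:
            sock.sendall(ANON_BIND)
            reply = sock.recv(64)
        except socket.timeout:
            return "silent"       # TCP accepted, no bind response within the timeout
        except OSError as exc:
            return f"error: {exc}"
    return "ldap" if is_bind_response(reply) else "not-ldap"
```

Run it from each Elasticsearch node with the `url` value from the realm settings. A `silent` result corresponds to the bind timeout in the log, while `refused` or `connect-timeout` points at the network path between the node and the directory server.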

