I have set up x-pack security and configured an Active Directory realm which is working fine for most of my users. I had an issue today whereby someone was not getting assigned any roles once they were authenticated.
I turned on debugging and noticed that the list of Active Directory groups that was being compared by the role mapping process only contained about half the groups that the user was actually a member of.
Could anyone advise if there is a limit on the number of groups returned by this process.
The DEBUG entry was:
[DEBUG][o.e.x.s.a.s.DnRoleMapper ] [Server] the roles [[default_index]], are mapped from these [active_directory] groups
DEBUG][o.e.x.s.a.s.DnRoleMapper ] [Server] the roles [], are mapped from the user [CN=LastName\, FirstName,OU=test,OU=Accounts,DC=domain,DC=com] for realm [active_directory/active_directory]
Thanks in advance