XPack Security Configuration


I am just curious that in the subscription for xpack or elastic stack, it was mentioned there that Kibana can do LDAP authentication. My question is, is it possible to setup in Kibana host (kibana.yml) to directly communicate with LDAP server? I mean configuration wise, when the request comes in to Kibana, it will be authenticated right away on that layer. What I saw in the documentation is that elasticsearch host is the one that is communicating to LDAP. I don't want to reach the elastic node for LDAP authentication. Please advise and kindly correct if my understanding is wrong. Thanks

Elasticsearch is the component enforcing security, so it has to be the one communicating with LDAP as far as I know.

Hi @ronchav,

What @Christian_Dahlqvist informed is correct, authentication and authorization are handled on ES.
On Kibana we do not have any information related to ldap config, role mapping etc.

Thanks and Regards,
Yogesh Gaikwad

@Christian_Dahlqvist and @Yogesh_Gaikwad, thanks for the answer. If you look on the subscription details below, it shows that Kibana supports Native, LDAP, Active Directory authentication, so I thought it is achievable in Kibana.

When you log into Kibana this is supported, but it is Elasticsearch that enforces it.

Thanks, it's clear now.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.