A valid syntax for LDAP authorization and authorization from a LDAP connector called “ldap” (defined elsewhere in the YAML) is be the following:
- name : "Access only if user belongs to group1 AND group2"
kibana_access: unrestricted
indices: [".kibana", "example_index"]
ldap_auth:
name: "ldap"
groups_and: ["group1", "group2"]
I noticed that “groups” when specifying 2 groups works like “groups_and”.
Looks like I found another bug that we will use until the next ROR update =)
We have kibana and Elasticsearch version 7.15.1, Enterprise plugin.
See first post.
And unfortunately I can’t update just ror in Kibana.
Therefore, I will wait for the official update to be released on your site.