LDAP ROR configuration

Can someone help me? I have LDAP configured but login is not working.
This is my conf file of ROR in Kibana :

- name: admin
  type: allow
  groups: [ "admin" ]
  #indices: [ "*" ]
  kibana_access: unrestricted

### ADMINS ###
- username: admin.forename
  groups: [ "admin" ]
    name: "ldap_name"

###### Connectors ######


- name: ldap_name
  - "ldaps://xxxxxx:636"
  ha: "FAILOVER"
  port: 636
  ssl_enabled: true
  ssl_trust_all_certs: true
  bind_dn: 'Domain\Name'
  bind_password: 'xxxx'
  search_user_base_DN: "dc=,dc="
  search_groups_base_DN: "dc=,dc="
  user_id_attribute: "sAMAccountName"
  unique_member_attribute: "member"
  connection_pool_size: 10
  connection_timeout_in_sec: 10
  request_timeout_in_sec: 10
  cache_ttl_in_sec: 60
  group_search_filter: "(objectClass=group)"
  group_name_attribute: "cn"

Error Message when i try login with LDAP credentials:
:warning: Could not login
Upgrade to ReadonlyREST Enterprise to use “kibana_index” rule


Hi @miroslavkardos

could you please let us know what ES, KBN, and ROR versions you use?

Hello, I am using ROR version pro-readonlyrest_kbn_pro-1.26.1_es7.5.2.zip on Kibana And readonlyrest-1.54.0_es7.5.2.zip on my ES Master nodes , Kibana and ES are on version 7.5.2.


Update : i reinstalled ES RoR plugin and Kibana RoR Plugin : readonlyrest_kbn_pro-1.54.0_es7.5.2.zip , readonlyrest-1.54.0_es7.5.2.zip for version 7.5.2 and everything works.

Yeah. this is what I thought, because I remember we’ve already fixed the issue like yours.
BTW, please make sure you always have the same versions of the ROR plugin on the KBN and the ES side. We don’t guarantee two different versions will work well with each other.

1 Like