I’ve been looking at Wireshark and here is what i have found:
A successful request to the AD server is in the following format:
Filter: (&(objectClass=user)(|(sAMAccountName=someUser)(userPrincipalName=someUser@domain.local)))
Here is my current request:
Filter: (sAMAccountName=someUser)
@coutoPL is there a way to specify userPrincipalName as the bind attribute in the elasticsearch.yml file? I’ve looked the LDAP requests and the search is successful but I still cannot authenticate.
I am not sure if this is correct, but I am suspecting that when I specify user_id_attribute: "sAMAccountName"
It successfully find the users registry in the AD directory, but the query returns the userDistinguishedName. I think that I cannot authenticate because the LDAP is trying to match the sAMAccountName with the userDistinguishedName. Therefore I was trying to know if there is an attribute specifically for this part, like a user_bind_attribute:userDistinguishedName
Thanks @coutoPL for adding this feature. I’ve downloaded but I’m getting errors when I try to build:
There were test failures: 24 suites, 77 tests, 6 suite-level errors [seed: A57D8356E509D0C7]
@coutoPL this pull request just solved my problem! Now I can authenticate using my AD login. When are you going to update the master and release a new binary?