I am having difficulty integrating LDAP with Elasticsearch. My readonlyrest.yml looks like this:
readonlyrest:
  access_control_rules:
  - name: LDAP Authentication
    type: allow
    ldap_auth:
      name: "ldap1"
      groups: ["CN=*"]
    indices: ["*"]
  ssl:
    enable: true
    keystore_file: "/var/elasticsearch/elasticsearch-6.6.1/config/VW527967_ds_dev_accenture_com.pfx"
    keystore_pass: password
    key_pass: password
  ldaps:
  - name: ldap1
    host: "ldap.deu.adt.accenture.com"
    port: 389
    ssl_enabled: false
    bind_dn: "A02957DIRNCLM_REPT@dir.svc.accenture.com"
    bind_password: "password"
    search_user_base_DN: "CN=r.ullas.baliga,OU=People,DC=dir,DC=svc,DC=accenture,DC=com"
    user_id_attribute: "uid"
    search_groups_base_DN: "CN=adtbitbucket001.dev.admin,OU=Groups,dc=dir,dc=svc,dc=accenture,dc=com"
    unique_member_attribute: "uniqueMember"
    connection_pool_size: 10
    connection_timeout_in_sec: 10
    request_timeout_in_sec: 10
    cache_ttl_in_sec: 60
    group_search_filter: "(objectClass=*)"
    group_name_attribute: "cn"
In the logs I get the error below:
[2020-02-12T12:25:43,559][INFO ][t.b.r.a.l.AccessControlLoggingDecorator] [uuCSvE6] FORBIDDEN by default req={ ID:2016284649-1753224073#136, TYP:MainRequest, CGR:N/A, USR:r.ullas.baliga (attempted), BRS:true, KDX:null, ACT:cluster:monitor/main, OA:10.140.16.120/32, XFF:null, DA:10.140.16.120/32, IDX:<N/A>, MET:GET, PTH:/, CNT:<N/A>, HDR:Accept=*/*, Authorization=<OMITTED>, Host=VW527967.ds.dev.accenture.com:9200, User-Agent=curl/7.29.0, content-length=0, HIS:[LDAP Authentication-> RULES:[ldap_auth->false]] }
Can someone please tell me whether the configuration I am using is incorrect?
When I do an LDAP search from the Linux machine, the results look fine:
ldapsearch -x -D "A02957DIRNCLM_REPT@dir.svc.accenture.com" -W -p 389 -h ldap.deu.adt.accenture.com -b "CN=adtbitbucket001.dev.admin,OU=Groups,DC=dir,DC=svc,DC=accenture,DC=com" -s sub "(objectclass=*)"
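The `ldapsearch` above only proves the bind account can read the group entry; it does not replay what the plugin does with the login name. The script below is an added example, not part of the question and not ReadonlyREST's own code: it takes the `ldaps` settings from the question (copied into a constructed dict) and builds the two `ldapsearch` commands that correspond to the lookup steps an LDAP authenticator of this shape performs, as I understand the plugin's flow (user search under `search_user_base_DN` by `user_id_attribute`, bind as the found DN, then group search under `search_groups_base_DN` by `unique_member_attribute`); that flow, the function names and the `replay_steps` helper are assumptions here, so check them against the plugin's documentation. The login name is escaped per RFC 4515 before it is placed in a filter, which is the check any code that builds LDAP filters from user input should make.

```python
import shlex
from typing import Dict, List

# Constructed copy of the ldap settings from the question's readonlyrest.yml
LDAP_CFG: Dict[str, object] = {
    "host": "ldap.deu.adt.accenture.com",
    "port": 389,
    "bind_dn": "A02957DIRNCLM_REPT@dir.svc.accenture.com",
    "search_user_base_DN": "CN=r.ullas.baliga,OU=People,DC=dir,DC=svc,DC=accenture,DC=com",
    "user_id_attribute": "uid",
    "search_groups_base_DN": "CN=adtbitbucket001.dev.admin,OU=Groups,dc=dir,dc=svc,dc=accenture,dc=com",
    "unique_member_attribute": "uniqueMember",
    "group_search_filter": "(objectClass=*)",
    "group_name_attribute": "cn",
}


def escape_filter_value(value: str) -> str:
    """RFC 4515 escaping: a login name must not be able to change filter structure."""
    out: List[str] = []
    for ch in value:
        if ch in ("\\", "*", "(", ")", "\0"):
            out.append("\\%02x" % ord(ch))
        else:
            out.append(ch)
    return "".join(out)


def user_search_filter(cfg: Dict[str, object], login: str) -> str:
    """Step 1: find the entry whose user_id_attribute equals the login name."""
    return "(%s=%s)" % (cfg["user_id_attribute"], escape_filter_value(login))


def group_search_filter(cfg: Dict[str, object], user_dn: str) -> str:
    """Step 3: find groups under the group base that list the user's DN as a member."""
    return "(&%s(%s=%s))" % (
        cfg["group_search_filter"],
        cfg["unique_member_attribute"],
        escape_filter_value(user_dn),
    )


def ldapsearch_command(cfg: Dict[str, object], base_dn: str,
                       ldap_filter: str, attrs: List[str]) -> List[str]:
    """Build an ldapsearch argv that mirrors the bind account, host and base of the config."""
    return [
        "ldapsearch", "-x",
        "-D", str(cfg["bind_dn"]), "-W",
        "-h", str(cfg["host"]), "-p", str(cfg["port"]),
        "-b", base_dn, "-s", "sub",
        ldap_filter, *attrs,
    ]


def replay_steps(cfg: Dict[str, object], login: str, user_dn: str) -> Dict[str, List[str]]:
    """Assumed plugin flow (hypothetical helper): user search, then group search for the found DN."""
    return {
        "user_search": ldapsearch_command(
            cfg, str(cfg["search_user_base_DN"]),
            user_search_filter(cfg, login), ["dn", str(cfg["user_id_attribute"])]),
        "group_search": ldapsearch_command(
            cfg, str(cfg["search_groups_base_DN"]),
            group_search_filter(cfg, user_dn), [str(cfg["group_name_attribute"])]),
    }


if __name__ == "__main__":
    # user_dn is whatever step 1 returns; the value here is the one from the question
    steps = replay_steps(LDAP_CFG, "r.ullas.baliga",
                         "CN=r.ullas.baliga,OU=People,DC=dir,DC=svc,DC=accenture,DC=com")
    for name, argv in steps.items():
        print("# %s\n%s\n" % (name, shlex.join(argv)))
```

Run the printed commands on the Linux machine in order. Step 1 must return exactly one entry for the login name under `search_user_base_DN` using the attribute named in `user_id_attribute`; if it returns nothing, the `ldap_auth->false` seen in the log is expected, and the base DN and attribute are where to look. Step 2 must list the group under `search_groups_base_DN` with the user's DN in `unique_member_attribute`.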