I need some information on the configurations file changes for the opendistro to connect with the LDAP/AD without providing the bind user and password in below mentioned path
In the above mentioned path actually we will provide the dn name and dn login info ,groups to access for the role base,here we are providing the authentication of bind user login and password ,so the requirement is to connect to the AD/LDAP users without giving the bind user credentials in above mentioned file path.
Any quick suggesstion/answers is helpful.
[Moved to the security category since LDAP is managed by that plugin]
What version of ODFE are you running? What is your AD solution?
ODFE is 7.10.2 version and security plugin version is 1.13.2
Active directory version is Windows server 2012 R2 standard evaluation
Requirement : LDAP configuration for opendistro that should with out providing the bind user login credential with in the config.yml file as mentioned above configuration.
Thanks for the details.
The LDAP authentication requires bind dn. However, you could enable Anonymous with read privileges to your users OU. Then in config.yml both bind_dn and password have to be set to null.
Documentation for Open Distro, the community-driven, 100% open source distribution of Elasticsearch OSS with advanced security, alerting, deep performance analysis, and more.
Thanks for the quick response, can you please provide some code snippet or configuration how can we add the anonymous user of ldap in the elasticsearch configuration file with config.yml
As per mentioned documentation, you have to set both bind_dn and password to null in config.yml.
description: "Authenticate via LDAP or Active Directory"
No need to change anything in elasticsearch.yml
Before you apply this configuration to the set, you’ll need to enable the Anonymous user at target OU.
Hi is there any reference for the enabling anonymous user at AD/LDAP users,any suggestion will helpful soon.