We have a 2.8 cluster with a mix of both internal users and LDAP users. Our config has the internal domain at Order 0, and the LDAP domain at Order 1. Despite this, I am seeing the below error in our logs for an internal user:
Cannot retrieve roles for from ldap due to OpenSearchSecurityException[OpenSearchSecurityException[No user USER found]]; nested: OpenSearchSecurityException[No user found];
This is not expected, is it? I'm wondering why the cluster is pinging LDAP if the internal user was already found.
I see another post suggesting to add “skip_users” and manually add internal users. It doesn’t make sense to me that LDAP would be pinged when the internal user was already found in the order 0 domain.