Enable LDAP authentication on Elasticsearch

Before trying this out, make sure you have the appropriate license. Without it, the LDAP realm is skipped at authentication time and the log shows:

[2025-07-28T17:57:40,798][WARN ][o.e.x.s.a.RealmsAuthenticator] [node-01] Authentication failed using realms [reserved/reserved,file/default_file,native/default_native]. Realms [ldap/ldap1] were skipped because they are not permitted on the current license

If you have a license, follow these steps.

In elasticsearch.yml, add the following LDAP config:

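# Enable LDAP auth
xpack:
  security:
    authc:
      realms:
        ldap:
          lab_ldap1:
            # Position of this realm in the authentication chain
            order: 2
            # ldap:// on port 389 sends the bind and user passwords in cleartext;
            # use an ldaps:// URL where the directory supports it
            url: "ldap://my_ldap_uri:389"
            bind_dn: "uid=elasticsdn,ou=appusers,dc=example,dc=com"
            user_search:
              base_dn: "ou=people,o=myorg,ou=customers,dc=example,dc=net"
              # {0} is replaced with the username supplied at login
              filter: "(uid={0})"
            group_search:
              base_dn: "ou=group,o=myorg,ou=customers,dc=example,dc=net"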

The password for the LDAP bind DN user is not part of the config; it must be defined in the Elasticsearch keystore:

[root@elksdn01 bin]# cd /usr/share/elasticsearch/bin/
[root@elksdn01 bin]# ./elasticsearch-keystore add xpack.security.authc.realms.ldap.lab_ldap1.secure_bind_password
Enter value for xpack.security.authc.realms.ldap.lab_ldap1.secure_bind_password:
[root@elksdn01 bin]# 

Check the keystore list to confirm the entry was added, then restart Elasticsearch:

elasticsearch-keystore list
autoconfiguration.password_hash
keystore.seed
xpack.security.authc.realms.ldap.lab_ldap1.secure_bind_password
xpack.security.http.ssl.keystore.secure_password
xpack.security.transport.ssl.keystore.secure_password
xpack.security.transport.ssl.truststore.secure_password
[root@elksdn01 bin]# systemctl restart elasticsearch.service
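
A post-restart check for the two failure points above (bind password missing from the keystore, realm skipped by the license), as an added example that is not part of the original post. The function names are hypothetical, and the sample keystore listing and log line are constructed from the output shown on this page, with the realm name in the log changed to lab_ldap1.

```shell
#!/bin/sh
# Constructed sample inputs, modelled on the output shown on this page.
SAMPLE_KEYSTORE='autoconfiguration.password_hash
keystore.seed
xpack.security.authc.realms.ldap.lab_ldap1.secure_bind_password
xpack.security.http.ssl.keystore.secure_password'
SAMPLE_LOG='[2025-07-28T17:57:40,798][WARN ][o.e.x.s.a.RealmsAuthenticator] [node-01] Authentication failed using realms [reserved/reserved,file/default_file,native/default_native]. Realms [ldap/lab_ldap1] were skipped because they are not permitted on the current license'

# Read Elasticsearch log text on stdin and print every realm that was skipped
# for licensing reasons as "type/name", one per line, de-duplicated.
skipped_realms() {
  sed -n 's/.*Realms \[\([^]]*\)] were skipped because they are not permitted on the current license.*/\1/p' \
    | tr ',' '\n' | sed 's/^ *//; s/ *$//' | sort -u
}

# Read `elasticsearch-keystore list` output on stdin; succeed only if the
# bind password entry for LDAP realm $1 is present as an exact line.
has_bind_password() {
  grep -Fxq "xpack.security.authc.realms.ldap.$1.secure_bind_password"
}

# check_realm NAME KEYSTORE_LISTING LOG_TEXT
# Prints one status word and returns non-zero when the realm cannot work.
check_realm() {
  if ! printf '%s\n' "$2" | has_bind_password "$1"; then
    echo "missing-bind-password"
    return 1
  fi
  if printf '%s\n' "$3" | skipped_realms | grep -Fxq "ldap/$1"; then
    echo "skipped-by-license"
    return 1
  fi
  echo "ok"
}

# Demo on the constructed samples: the keystore entry exists, but the log
# shows the realm was skipped, so this prints the license status.
check_realm lab_ldap1 "$SAMPLE_KEYSTORE" "$SAMPLE_LOG" || true

# On a real node (log path is an assumption; it depends on the install):
#   check_realm lab_ldap1 "$(./elasticsearch-keystore list)" \
#       "$(cat /var/log/elasticsearch/<cluster_name>.log)"
```
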

manish