I’m trying to build a local test setup with the following components:
SearchGuard 5.2.2 (With Enterprise extension for ActiveDirectory usage)
X-Pack 5.2.2 (Monitoring only)
Without X-Pack, the environment works fine. When I install X-Pack, I get errors in stdout. With the help of an existing GitHub issue, I’ve been able to work my way past a few of the errors, but at this point, I am stuck. I’ll add some details below. I’d like to mention that I intend to add Kibana to the mix, but I’d like to keep the environment minimal while sorting out these errors.
So, at the moment this is where I am stuck:
Caused by: org.elasticsearch.ElasticsearchSecurityException: unauthenticated request indices:data/write/bulk for user User [name=_sg_internal, roles=]
As recommended by the above-mentioned GitHub issue (https://github.com/floragunncom/search-guard-ssl/issues/43), I’ve changed my elasticsearch/config/elasticsearch.yml to have the following settings:
- CN=kirk,OU=client,O=client,L=test, C=de
######## End Search Guard Demo Configuration ########
I’ve tried the other changes mentioned in the issue, but they seem to have no effect for me.
Here are some things I think are remarkable:
I’ve successfully hooked up SearchGuard with ActiveDirectory. Yet, I don’t know what role this admin_dn plays, and have not yet created an account for this admin. Also, I don’t feel like this is related to this problem I’m blocked on, so I’ve left it alone for now.
I’m curious if Kibana is ESSENTIAL to the environment, and whether or not excluding it for now is exacerbating the problem.
I’m constrained to working with version 5.2.2 of ES.
I am testing with the demo versions of the keystores, although I use the sg_admin.sh tool to initialize SearchGuard. I provide the keystore file paths in the command arguments.
Any ideas or help is greatly appreciated.
Please and thank you,