**Elasticsearch version: 7.5
**Server OS version: Red Hat 7.6
**Describe the issue:
Hello,
I installed Elasticsearch Stack with Search Guard. (With LDAP Authent)
I have mapped admin to my admin group in LDAP (cn=ldap_admins).
=> It works. My ldap user with ldap_admins group can perform full action on cluster. It can go to Kibana too.
Then, i created role called R_APP_TEST_ES_WRITER for ldap group “test_es”.
I have user called a_app_test in ldap group test_es. So, it retrieve role when i check with auth info :
So, i check auth info and all is ok for now :
…authinfo?pretty -u 'a_app_test
“sg_roles” : [
“R_APP_TEST_ES_SOCLE_WRITER”,
“SGS_OWN_INDEX”
],
“sg_tenants” : {
“apptest” : true,
“a_app_test” : true
This user can use curl on Elasticsearch.
But on Kibana, after authentifcation i have :
{“statusCode”:403,“error”:“Forbidden”,“message”:"no permissions for [indices:data/read/search]
I have put this right under sg_roles for R_APP_TEST_ES_WRITER, but always this error.
Thanks for hepl.