Hello - I've been trying to configure LDAP/AD authentication within the Graylog web interface but it's not always working. I configure (and save) the LDAP settings (server, user, group) and all the tests from the Graylog interface pass without issue.
I attempt to log in with my AD account - sometimes it works and sometimes not. When it doesn't, I get a message that I'm using an invalid account (or something to that effect). If I log in with my local account and go to the LDAP settings page, it's as if they were never configured.

Here's where it gets a little weird... if I refresh the page and/or wait a couple of minutes, those settings will typically return and then my AD login works again. Also, I've found that while I'm in the middle of a login session (doing whatever - logged in as my AD user), the screen will reload and I'll be left at the initial login screen. If I try my AD account, oftentimes it doesn't work right away. I log in with the local account and the LDAP settings are blank again. There doesn't seem to be any rhyme or reason to it - it can be fine for a few minutes to a few hours - but it is kind of annoying.

I did some research and found some others experiencing a similar issue due to having multiple entries under the LDAP collection in Mongo - the solution for most was to remove those and recreate in Graylog. I did have that situation in the beginning, as the first few times it happened I was resetting the LDAP options in Graylog. I removed the duplicate entries and reset - still didn't help. I also completely dropped the ldap_settings collections from Mongo and reset. The issue is still occurring though...

Anyone have any other suggestions or thoughts?

Current setup:

CentOS 7
2 Graylog servers (load balanced with HAProxy)
Mongo DB replica set (one instance on each of the 2 Graylog servers - arbiter installed on a 3rd machine)
2 ElasticSearch servers

Thanks for any suggestions.

Robin H
