Version: 6.x-21
This is an older version of Search Guard. Switch to Latest version

Active Directory and LDAP

Active Directory and LDAP can be used for authentication and authorisation thus it can be used both in the authc and authz section of the configuration.

The authc section is used for configuring authentication, which means to check if the user has entered the correct credentials. The authz is used for authorisation, which defines how the role(s) for an authenticated user are retrieved and mapped.

In most cases, you want to configure both authentication and authorization, however, it is also possible to use authentication only and map the users retrieved from LDAP directly to Search Guard roles.

Where to go next