Active Directory and LDAP
Active Directory and LDAP can be used for authentication and authorisation thus it can be used both in the
authz section of the configuration.
authc section is used for configuring authentication, which means to check if the user has entered the correct credentials. The
authz is used for authorisation, which defines how the role(s) for an authenticated user are retrieved and mapped.
In most cases, you want to configure both authentication and authorization, however, it is also possible to use authentication only and map the users retrieved from LDAP directly to Search Guard roles.