From 46962308aa9eb274231ba79ce295baad54ce015a Mon Sep 17 00:00:00 2001 From: Lisa Cawley Date: Fri, 30 Nov 2018 16:58:19 -0800 Subject: [PATCH] [DOCS] Replace deprecated ldap setting (#36022) --- .../configuring-ldap-realm.asciidoc | 25 ++++++++++--------- 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/x-pack/docs/en/security/authentication/configuring-ldap-realm.asciidoc b/x-pack/docs/en/security/authentication/configuring-ldap-realm.asciidoc index 9cc54effa1f..b198aa4edb9 100644 --- a/x-pack/docs/en/security/authentication/configuring-ldap-realm.asciidoc +++ b/x-pack/docs/en/security/authentication/configuring-ldap-realm.asciidoc @@ -2,12 +2,12 @@ [[configuring-ldap-realm]] === Configuring an LDAP realm -You can configure {security} to communicate with a Lightweight Directory Access -Protocol (LDAP) server to authenticate users. To integrate with LDAP, you -configure an `ldap` realm and map LDAP groups to user roles. +You can configure {es} to authenticate users by communicating with a Lightweight +Directory Access Protocol (LDAP) server. To integrate with LDAP, you configure +an `ldap` realm and map LDAP groups to user roles. For more information about LDAP realms, see -{xpack-ref}/ldap-realm.html[LDAP User Authentication]. +{stack-ov}/ldap-realm.html[LDAP User Authentication]. . Determine which mode you want to use. The `ldap` realm supports two modes of operation, a user search mode and a mode with specific templates for user DNs. @@ -52,7 +52,7 @@ xpack: bind_dn: "cn=ldapuser, ou=users, o=services, dc=example, dc=com" user_search: base_dn: "dc=example,dc=com" - attribute: cn + filter: "(cn={0})" group_search: base_dn: "dc=example,dc=com" files: @@ -115,12 +115,13 @@ All LDAP operations run as the authenticating user. -- -. (Optional) Configure how {security} should interact with multiple LDAP servers. +. (Optional) Configure how the {security-features} interact with multiple LDAP +servers. + -- -The `load_balance.type` setting can be used at the realm level. {security} -supports both failover and load balancing modes of operation. See -<>. +The `load_balance.type` setting can be used at the realm level. The {es} +{security-features} support both failover and load balancing modes of operation. +See <>. -- . (Optional) To protect passwords, @@ -186,9 +187,9 @@ user: <3> The LDAP distinguished name (DN) of the `users` group. For more information, see -{xpack-ref}/ldap-realm.html#mapping-roles-ldap[Mapping LDAP Groups to Roles] +{stack-ov}/ldap-realm.html#mapping-roles-ldap[Mapping LDAP Groups to Roles] and -{xpack-ref}/mapping-roles.html[Mapping Users and Groups to Roles]. +{stack-ov}/mapping-roles.html[Mapping Users and Groups to Roles]. NOTE: The LDAP realm supports {stack-ov}/realm-chains.html#authorization_realms[authorization realms] as an @@ -202,7 +203,7 @@ fields in the user's metadata. -- By default, `ldap_dn` and `ldap_groups` are populated in the user's metadata. For more information, see -{xpack-ref}/ldap-realm.html#ldap-user-metadata[User Metadata in LDAP Realms]. +{stack-ov}/ldap-realm.html#ldap-user-metadata[User Metadata in LDAP Realms]. The example below includes the user's common name (`cn`) as an additional field in their metadata.