Active Directory Integrations

Introduction 

Elastic Stack security features can be configured to authenticate users through Active Directory by using LDAP to communicate with the directory. Active Directory realms are similar to LDAP realms, as they both store users and groups in a hierarchical structure, which includes containers such as organizational units (OU), organizations (O), and domain components (DC). 

The security features support authentication based on Active Directory security groups, but not distribution groups. When authenticating users, the username entered must match the sAMAccountName or userPrincipalName, not the common name (cn). The realm authenticates users via an LDAP bind request, searches for their entry in Active Directory, and retrieves their group memberships from the tokenGroups attribute to assign appropriate roles.

I. Active Directory Information Lookup 

Finding the Base DN (Distinguished Name)

Method 1: Using Active Directory GUI

1. Open "Active Directory Users and Computers"

2. Right-click on your domain

3. Select "Properties"

4. Look for the "Distinguished Name" field

Method 2: Using PowerShell

1. Open PowerShell with administrator privileges
2. Run the command:
3. The output will be in the format: "DC=company,DC=local"

II. Finding Active Directory URL

Method 1: PowerShell

1. Open PowerShell as administrator
2. Run the command:
   

   

    

3. Take the DC name from the output
   • LDAP://servername.domain.com
   • LDAP://server-IP
     

III. Navigate to Users

If you need further assistance, kindly contact our support at info@cytechint.com for prompt assistance and guidance.