How to See Active Directory USer in SearchGuard

Hi,

Where i cant see the Ad User Sync in searchguard based on Following

1. When i hit _searchguard/api/configuration/internalusers thorugh Postman ,i can,t See my Active Directory user in json

2. IS _searchguard Ldap/Ad Module support By-Directional sync like If i create user in search guard is it also create user in Active Directory

Why do you expect to see LDAP users in the internal user database? That makes no sense. The point of LDAP is to have centralized user management, so LDAP and the intern user database are two completely different things.

The internal user database, as the name implies, stores users and passwords in the Search Guard configuration index. It’s a community feature and you can use it when you do not want/need to use an external authentication mechanism like LDAP, JWT, Kerberos etc.

There’s no syncing involved in any way, these are two completely different ways of authentication.

Thanks ,

So, my question is how search-guard know that User is from Ldap/AD .If User is from LdapAD how we get to Assign Role and Permission Who will see what

Yes, i understand internal user Rest API is Different Authentication,But if i want to use Ldap USer ,Group in defining Role Is there any Api Available

Also Any way to Create User in SearchGuard Reflected in Ldap/AD

This was my Last Confirmation from you

The mapping of users and roles is always the same, regardless whether a user was authenticated by LDAP, JWT or something else.

We authenticate the user, fetch additional roles (if any), and map the user to a Search Guard role. The permissions are configured on the Search Guard role.

The complete process is described here:

http://floragunncom.github.io/search-guard-docs/configuration.html