Hi all,

I am currently looking to X-Pack and the Elastic Stack to implement a kind of User Management system, where there will be multiple external "companies" signing up and linking their own external LDAP servers/Active Directories.

I've been looking through the documentation around LDAP and Active Directory realms, and have two main concerns.

  1. The documentation mentions that an Elasticsearch restart is required when configuring a new realm. This doesn't sound optimal for my use case, where a new "company" can link or de-link their Active Directory at any time.
  2. As order is specified in the configuration, this implies to me that if I have 100 Active Directories linked, users in Active Directory 100 will have first had their details checked in the other 99 repositories.

Is there a better method for setting up this kind of use case, where any number of external Active Directories/LDAP repositories can be added and queried on the fly?


Those are the limitations when you want to deploy in this sort of setup.

You could abstract things into the native (API) realm.

