Is there any way to use Active Directory for authentication, however, continue to use the roles only inside ELK ? (without to map ELK roles with AD groups)
Based on the documentation, it seems the default is to have the roles managed by AD:
" Since with the active_directory realm the users are managed externally in the Active Directory server, the expectation is that their roles are managed there as well. In fact, Active Directory supports the notion of groups, which often represent user roles for different systems in the organization. "