X-pack security: Which ES node will connect to the LDAP/AD?


In a cluster with multiple ES nodes deployment, say different server for data, master, ingest, and client node, where do we have to specify the LDAP realm security setting and from where the actual authentication request to LDAP/AD will be done?

Will it need to be defined on each node and then the LDAP request will only be performed by the elected master node?

(Alexander Reelsen) #2


the LDAP request will happen on the node that got hit by the initial request, so you have to update your YAML file on every node and restart.

Executing LDAP requests is independent from a node being master or not.

Hope this helps.



Thanks Alex!

(system) #4