I want to integrate Azure Active Directory with Shield (an ElasticSearch plugin) and trying to figure out what values I need to specify in this section of Shiled configuration
shield:
authc:
realms:
active_directory:
type: active_directory
order: 0
domain_name: ad.example.com
url: ldaps://ad.example.com:636
unmapped_groups_as_roles: true
...
https://www.elastic.co/guide/en/shield/current/active-directory.htmlFor my .Net application, I specify
<add key="ida:AADInstance" value="https://login.microsoftonline.com/{0}" />
<add key="ida:Tenant" value="[Enter the name of your tenant, e.g. contoso.onmicrosoft.com]" />
<add key="ida:ClientId" value="[Enter the Client Id of your application from the portal, e.g. 7de803e2-9k32-4e7a-8335-b77ae40297f0]" />
<add key="ida:RedirectUri" value="[Enter the Redirect URI of your application from the portal, e.g. http://TodoListClient]" /> and trying to figure out how this maps with Shield configuration.
From the documentation you referred to in https://www.elastic.co/guide/en/shield/current/active-directory.html, ElasticSearch uses LDAP for integrating with Active Directory. That protocol works with on-premises AD, but not with classic Azure Active Directory (which is what the settings form your .NET app refer to). If you want you can give a try to the (currently in preview) domain services offering, which does provide LDAP, but I am not sure if that's what you want here.