Document-level security - User attributes from LDAP

stmx38 · July 24, 2019, 5:48am

Hello,

We have started to use ABAC as described in the documentation: https://opendistro.github.io/for-elasticsearch-docs/docs/security-access-control/document-level-security/

With some workaround, it works in our case: Document-level security - Multiple attributes based access

And now we consider to use LDAP users instead of the internal ones.
Is there a way to use somehow LDAP user attributes how we use it for the internal ones?

Thank you!

Anthony · April 26, 2021, 11:06am

@stmx38
Did you manage to get this working?

The LDAP attributes can be used for DLS as below:

dls: ‘{“term” : {“tel”: “${attr.ldap.department}”}}’

further docs are available here

Topic		Replies	Views
Document-level security - Multiple attributes based access Security	9	2172	November 4, 2021
Custom attributes for LDAP users Security	5	337	August 9, 2021
Document - User mapping in DLS Security	1	226	September 30, 2022
Users from internal db checked over LDAP Security	2	1868	July 12, 2019
Map LDAP Users to Admin Role Security	3	1741	April 30, 2021

Document-level security - User attributes from LDAP

Related Topics