adding basic_auth config to ldap #907 (#7671) (#7675)

opensearch-project · Jul 10, 2024 · cfa159d · cfa159d
1 parent 9a40f6a
commit cfa159d
Showing 1 changed file with 13 additions and 0 deletions.
diff --git a/_security/authentication-backends/ldap.md b/_security/authentication-backends/ldap.md
@@ -61,8 +61,21 @@ We provide a fully functional example that can help you understand how to use an
 
 To enable LDAP authentication and authorization, add the following lines to `config/opensearch-security/config.yml`:
 
+The internal user database authentication should also be enabled because OpenSearch Dashboards connects to OpenSearch using the `kibanaserver` internal user.
+{: .note}
+
 ```yml
 authc:
+  internal_auth:
+    order: 0
+    description: "HTTP basic authentication using the internal user database"
+    http_enabled: true
+    transport_enabled: true
+    http_authenticator:
+      type: basic
+      challenge: false
+    authentication_backend:
+      type: internal
   ldap:
     http_enabled: true
     transport_enabled: true