[DOCS] Merges duplicate pages for Active Directory realms (#49205)

Author: lcawl

docs/reference/redirects.asciidoc

@@ -996,3 +996,17 @@ See <<pki-realm>>.
 
 See <<ref-pki-settings>>.
 
+[role="exclude",id="configuring-ad-realm"]
+=== Configuring an Active Directory realm
+
+See <<ad-realm-configuration>>.
+
+[role="exclude",id="ad-settings"]
+=== Active Directory realm settings
+
+See <<ref-ad-settings>>.
+
+[role="exclude",id="mapping-roles-ad"]
+=== Mapping Active Directory users and groups to roles
+
+See <<ad-realm-configuration>>. 

x-pack/docs/en/security/authentication/active-directory-realm.asciidoc

@@ -3,11 +3,7 @@
 === Active Directory user authentication
 
 You can configure {stack} {security-features} to communicate with Active
-Directory to authenticate users. To integrate with Active Directory, you
-configure an `active_directory` realm and map Active Directory users and groups
-to roles in the <<mapping-roles, role mapping file>>.
-
-See {ref}/configuring-ad-realm.html[Configuring an active directory realm].
+Directory to authenticate users. See <<ad-realm-configuration>>.
 
 The {security-features} use LDAP to communicate with Active Directory, so
 `active_directory` realms are similar to <<ldap-realm, `ldap` realms>>. Like
@@ -33,25 +29,10 @@ Active Directory. Once the user has been found, the Active Directory realm then
 retrieves the user's group memberships from the `tokenGroups` attribute on the
 user's entry in Active Directory.
 
-[[ad-load-balancing]]
-==== Load balancing and failover
-The `load_balance.type` setting can be used at the realm level to configure how
-the {security-features} should interact with multiple Active Directory servers.
-Two modes of operation are supported: failover and load balancing.
-
-See
-{ref}/security-settings.html#load-balancing[Load balancing and failover settings].
-
-[[ad-settings]]
-==== Active Directory realm settings
-
-See
-{ref}/security-settings.html#ref-ad-settings[Active Directory realm settings].
-
-[[mapping-roles-ad]]
-==== Mapping Active Directory users and groups to roles
+[[ad-realm-configuration]]
+==== Configuring an Active Directory realm
 
-See {ref}/configuring-ad-realm.html[Configuring an Active Directory realm]. 
+include::configuring-active-directory-realm.asciidoc[]
 
 [[ad-user-metadata]]
 ==== User metadata in Active Directory realms
@@ -67,14 +48,22 @@ properties are populated in the user's _metadata_:
 |=======================
 
 This metadata is returned in the 
-{ref}/security-api-authenticate.html[authenticate API] and can be used with
+<<security-api-authenticate,authenticate API>> and can be used with
 <<templating-role-query, templated queries>> in roles.
 
 Additional metadata can be extracted from the Active Directory server by configuring
 the `metadata` setting on the Active Directory realm.
 
+[[ad-load-balancing]]
+==== Load balancing and failover
+The `load_balance.type` setting can be used at the realm level to configure how
+the {security-features} should interact with multiple Active Directory servers.
+Two modes of operation are supported: failover and load balancing.
+
+See
+<<load-balancing>>.
+
 [[active-directory-ssl]]
 ==== Setting up SSL between Elasticsearch and Active Directory
 
-See 
-{ref}/configuring-tls.html#tls-active-directory[Encrypting communications between {es} and Active Directory].
+See <<tls-active-directory>>.

x-pack/docs/en/security/authentication/configuring-active-directory-realm.asciidoc

@@ -1,14 +1,6 @@
-[role="xpack"]
-[[configuring-ad-realm]]
-=== Configuring an Active Directory realm
-
-You can configure {es} to communicate with Active Directory to authenticate
-users. To integrate with Active Directory, you configure an `active_directory`
+To integrate with Active Directory, you configure an `active_directory`
 realm and map Active Directory users and groups to roles in the role mapping file.
 
-For more information about Active Directory realms, see 
-<<active-directory-realm>>.
-
 . Add a realm configuration of type `active_directory` to `elasticsearch.yml`
 under the `xpack.security.authc.realms.active_directory` namespace.
 At a minimum, you must specify the Active Directory `domain_name`.

x-pack/docs/en/security/authorization/run-as-privilege.asciidoc

@@ -12,7 +12,7 @@ To "run as" (impersonate) another user, you must be able to retrieve the user fr
 the realm you use to authenticate. Both the internal `native` and `file` realms
 support this out of the box. The LDAP realm must be configured to run in
 <<ldap-realm-configuration,_user search_ mode>>. The Active Directory realm must be
-<<ad-settings,configured with a `bind_dn` and `secure_bind_password`>> to support
+<<ref-ad-settings,configured with a `bind_dn` and `secure_bind_password`>> to support
 _run as_. The PKI, Kerberos, and SAML realms do not support _run as_.
 
 To submit requests on behalf of other users, you need to have the `run_as`

x-pack/docs/en/security/configuring-es.asciidoc

@@ -72,7 +72,7 @@ TIP: The types of authentication realms that you can enable varies according to
 your subscription. For more information, see https://www.elastic.co/subscriptions.
 
 --
-** <<configuring-ad-realm,Active Directory realms>>
+** <<active-directory-realm,Active Directory realms>>
 ** <<file-realm,File realms>>
 ** <<kerberos-realm,Kerberos realms>>
 ** <<ldap-realm,LDAP realms>>
@@ -139,8 +139,6 @@ To walk through the configuration of {security-features} in {es}, {kib}, {ls}, a
 
 
 include::securing-communications/separating-node-client-traffic.asciidoc[]
-include::authentication/configuring-active-directory-realm.asciidoc[]
-
 include::reference/files.asciidoc[]
 include::fips-140-compliance.asciidoc[]
 

x-pack/docs/en/security/securing-communications/tls-ad.asciidoc

@@ -13,7 +13,7 @@ to have the Active Directory server's certificate or the server's root CA
 certificate installed in their keystore or truststore. 
 
 . Create the realm configuration for the `xpack.security.authc.realms` namespace 
-in the `elasticsearch.yml` file. See <<configuring-ad-realm>>. 
+in the `elasticsearch.yml` file. See <<ad-realm-configuration>>. 
 
 . Set the `url` attribute in the realm configuration to specify the LDAPS protocol
 and the secure port number. For example, `url: ldaps://ad.example.com:636`.