# Siren Platform User Guide

#### Verification

After sg_config.yml has been loaded you can verify if the authentication is working by mapping a username in the Active Directory / Kerberos domain to a Search Guard role mapping, for example:

sirenuser:
users:
- sirenuser
- domainuser

After the mapping is loaded to the cluster, logon to a machine in the domain with the domain user and open the cluster URL in a Kerberos enabled browser (for example Chrome on Windows).

If everything is set up correctly you should see the default JSON response of Elasticsearch in the browser without having to enter credentials, for example:

{
"name" : "Node",
"cluster_name" : "cluster",
"cluster_uuid" : "nimUDAyBQWSskuHoAQG06A",
"version" : {
"number" : "5.4.0",
"build_hash" : "fcbb46dfd45562a9cf00c604b30849a6dec6b017",
"build_timestamp" : "2017-01-03T11:33:16Z",
"build_snapshot" : false,
"lucene_version" : "5.5.2"
},
"tagline" : "You Know, for Search"
}

If you are getting an authentication popup, ensure that the Elasticsearch cluster URL is in a trusted zone.

To add a site to the trusted zone on Windows:

1. Open Internet Explorer and click Internet options.

2. Click the Security tab.

3. Click Local Intranet.

4. Click Sites.