You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ambari.apache.org by John Lane <jo...@googlemail.com> on 2015/06/09 14:26:22 UTC
ambari user management
Hi,
It seems that theprocedure described below in the user mailing list
March 2014 no longer works (with Ambari 1.7), is there a recommended
alternative?
*******************
No, admins cannot change user passwords via configs.sh; configs.sh is a
wrapper that uses the API to manage "configuration" objects that do not
deal with user passwords.
However, admins can change passwords directly via the API (or with a
similar wrapper script).
Here's an example:
curl -i -uadmin:admin -H "X-Requested-By: ambari" -X PUT -d
'{"Users":{"roles":"admin,user","password":"mysecret","old_password":"admin"}}'http://localhost:8080/api/v1/users/<user-name>
where:
* "roles" is a comma-delimited list of roles that the user should belong to
"admin,user" for admin users; just "user" for non-admin users.
* "password" is the new password to set for the user
* "old_password" is misleading, but* it's the password of the admin user
invoking this call*. If you omit this parameter, the API call seems to go
thru, but the password does not actually change. This is a bit redundant
and confusing, but that's how it works today...
I hope this helps!
Yusaku
****************
Regards
Re: ambari user management
Posted by John Lane <jo...@googlemail.com>.
Hi Yusaku,
Thanks so much. That worked perfectly.
Regards
John
On Fri, Jun 12, 2015 at 8:36 AM, Yusaku Sako <yu...@hortonworks.com> wrote:
> Ah, you are right, John.
>
> Please try the following call:
>
> curl -i -uadmin:admin -H "X-Requested-By: ambari" -X PUT -d '{"Users/password":"mysecret","Users/old_password":"admin"}}'http://localhost:8080/api/v1/users/<user-name>
>
> I hope this helps.
>
> Yusaku
>
> From: John Lane <jo...@googlemail.com>
> Reply-To: "user@ambari.apache.org" <us...@ambari.apache.org>
> Date: Tuesday, June 9, 2015 5:26 AM
> To: "user@ambari.apache.org" <us...@ambari.apache.org>
> Subject: ambari user management
>
> Hi,
>
> It seems that theprocedure described below in the user mailing list March 2014 no longer works (with Ambari 1.7), is there a recommended alternative?
>
> *******************
>
> No, admins cannot change user passwords via configs.sh; configs.sh is a
> wrapper that uses the API to manage "configuration" objects that do not
> deal with user passwords.
> However, admins can change passwords directly via the API (or with a
> similar wrapper script).
> Here's an example:
>
> curl -i -uadmin:admin -H "X-Requested-By: ambari" -X PUT -d
> '{"Users":{"roles":"admin,user","password":"mysecret","old_password":"admin"}}'http://localhost:8080/api/v1/users/<user-name>
>
> where:
> * "roles" is a comma-delimited list of roles that the user should belong to
> "admin,user" for admin users; just "user" for non-admin users.
> * "password" is the new password to set for the user
> * "old_password" is misleading, but* it's the password of the admin user
> invoking this call*. If you omit this parameter, the API call seems to go
> thru, but the password does not actually change. This is a bit redundant
> and confusing, but that's how it works today...
>
> I hope this helps!
>
> Yusaku
>
> ****************
>
> Regards
>
>
Re: ambari user management
Posted by Yusaku Sako <yu...@hortonworks.com>.
Ah, you are right, John.
Please try the following call:
curl -i -uadmin:admin -H "X-Requested-By: ambari" -X PUT -d '{"Users/password":"mysecret","Users/old_password":"admin"}}'
http://localhost:8080/api/v1/users/<user-name>
I hope this helps.
Yusaku
From: John Lane <jo...@googlemail.com>>
Reply-To: "user@ambari.apache.org<ma...@ambari.apache.org>" <us...@ambari.apache.org>>
Date: Tuesday, June 9, 2015 5:26 AM
To: "user@ambari.apache.org<ma...@ambari.apache.org>" <us...@ambari.apache.org>>
Subject: ambari user management
Hi,
It seems that theprocedure described below in the user mailing list March 2014 no longer works (with Ambari 1.7), is there a recommended alternative?
*******************
No, admins cannot change user passwords via configs.sh; configs.sh is a
wrapper that uses the API to manage "configuration" objects that do not
deal with user passwords.
However, admins can change passwords directly via the API (or with a
similar wrapper script).
Here's an example:
curl -i -uadmin:admin -H "X-Requested-By: ambari" -X PUT -d
'{"Users":{"roles":"admin,user","password":"mysecret","old_password":"admin"}}'
http://localhost:8080/api/v1/users/<user-name>
where:
* "roles" is a comma-delimited list of roles that the user should belong to
"admin,user" for admin users; just "user" for non-admin users.
* "password" is the new password to set for the user
* "old_password" is misleading, but* it's the password of the admin user
invoking this call*. If you omit this parameter, the API call seems to go
thru, but the password does not actually change. This is a bit redundant
and confusing, but that's how it works today...
I hope this helps!
Yusaku
****************
Regards