You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/11/26 18:36:00 UTC
[jira] [Updated] (AMBARI-24951) Use Ambari CLI to specify which
services should be setup for LDAP integration
[ https://issues.apache.org/jira/browse/AMBARI-24951?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
ASF GitHub Bot updated AMBARI-24951:
------------------------------------
Labels: pull-request-available (was: )
> Use Ambari CLI to specify which services should be setup for LDAP integration
> -----------------------------------------------------------------------------
>
> Key: AMBARI-24951
> URL: https://issues.apache.org/jira/browse/AMBARI-24951
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
> Affects Versions: 2.8.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Blocker
> Labels: pull-request-available
> Fix For: 2.8.0
>
>
> Use Ambari CLI to specify which services should be setup for LDAP integration.
> {noformat:title=Example}
> [root@c7402 ~]# ambari-server setup-ldap
> Using python /usr/bin/python
> Currently 'no auth method' is configured, do you wish to use LDAP instead [y/n] (y)? y
> Enter Ambari Admin login: admin
> Enter Ambari Admin password:
> Fetching LDAP configuration from DB. No configuration.
> Please select the type of LDAP you want to use [AD/IPA/Generic](Generic):
> Primary LDAP Host (ldap.ambari.apache.org): c7401.ambari.apache.org
> Primary LDAP Port (389):
> Secondary LDAP Host <Optional>:
> Secondary LDAP Port <Optional>:
> Use SSL [true/false] (false):
> User object class (posixUser):
> User ID attribute (uid):
> User group member attribute (memberOf):
> Group object class (posixGroup):
> Group name attribute (cn):
> Group member attribute (memberUid):
> Distinguished name attribute (dn):
> Search Base (dc=ambari,dc=apache,dc=org):
> Referral method [follow/ignore] (follow):
> Bind anonymously [true/false] (false):
> Bind DN (uid=ldapbind,cn=users,dc=ambari,dc=apache,dc=org): uid=admin,cn=users,dc=ambari,dc=apache,dc=org
> Enter Bind DN Password:
> Confirm Bind DN Password:
> Handling behavior for username collisions [convert/skip] for LDAP sync (skip):
> Force lower-case user names [true/false]:true
> Results from LDAP are paginated when requested [true/false]:true
> Use LDAP authentication for Ambari [y/n] (n)?
> Manage LDAP configurations for eligible services [y/n] (n)? y
> Manage LDAP for all services [y/n] (n)?
> Manage LDAP for HDFS [y/n] (y)? y
> Manage LDAP for YARN [y/n] (y)? y
> ...
> Save settings [y/n] (y)? y
> Saving LDAP properties...
> Saving LDAP properties finished
> Ambari Server 'setup-ldap' completed successfully.
> {noformat}
> NOTE: this will require obtaining an Ambari administrator username and password to GET, PUT, and POST to the Ambari REST API.
> Note: "User group member attribute (memberOf)" is to be added to populate the existing {{ambari.ldap.attributes.user.group_member_attr}} Ambari configuration property (See {{org.apache.ambari.server.configuration.AmbariServerConfigurationKey#USER_GROUP_MEMBER_ATTRIBUTE}})
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)