You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ambari.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/11/26 18:36:00 UTC

[jira] [Updated] (AMBARI-24951) Use Ambari CLI to specify which services should be setup for LDAP integration

     [ https://issues.apache.org/jira/browse/AMBARI-24951?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

ASF GitHub Bot updated AMBARI-24951:
------------------------------------
    Labels: pull-request-available  (was: )

> Use Ambari CLI to specify which services should be setup for LDAP integration
> -----------------------------------------------------------------------------
>
>                 Key: AMBARI-24951
>                 URL: https://issues.apache.org/jira/browse/AMBARI-24951
>             Project: Ambari
>          Issue Type: Task
>          Components: ambari-server
>    Affects Versions: 2.8.0
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Blocker
>              Labels: pull-request-available
>             Fix For: 2.8.0
>
>
> Use Ambari CLI to specify which services should be setup for LDAP integration.
> {noformat:title=Example}
> [root@c7402 ~]# ambari-server setup-ldap
> Using python  /usr/bin/python
> Currently 'no auth method' is configured, do you wish to use LDAP instead [y/n] (y)? y
> Enter Ambari Admin login: admin
> Enter Ambari Admin password:
> Fetching LDAP configuration from DB. No configuration.
> Please select the type of LDAP you want to use [AD/IPA/Generic](Generic):
> Primary LDAP Host (ldap.ambari.apache.org): c7401.ambari.apache.org
> Primary LDAP Port (389):
> Secondary LDAP Host <Optional>:
> Secondary LDAP Port <Optional>:
> Use SSL [true/false] (false):
> User object class (posixUser):
> User ID attribute (uid):
> User group member attribute (memberOf): 
> Group object class (posixGroup):
> Group name attribute (cn):
> Group member attribute (memberUid):
> Distinguished name attribute (dn):
> Search Base (dc=ambari,dc=apache,dc=org):
> Referral method [follow/ignore] (follow):
> Bind anonymously [true/false] (false):
> Bind DN (uid=ldapbind,cn=users,dc=ambari,dc=apache,dc=org): uid=admin,cn=users,dc=ambari,dc=apache,dc=org
> Enter Bind DN Password:
> Confirm Bind DN Password:
> Handling behavior for username collisions [convert/skip] for LDAP sync (skip):
> Force lower-case user names [true/false]:true
> Results from LDAP are paginated when requested [true/false]:true
> Use LDAP authentication for Ambari [y/n] (n)?
> Manage LDAP configurations for eligible services [y/n] (n)? y
>  Manage LDAP for all services [y/n] (n)?
>     Manage LDAP for HDFS [y/n] (y)? y
>     Manage LDAP for YARN [y/n] (y)? y
>     ...
> Save settings [y/n] (y)? y
> Saving LDAP properties...
> Saving LDAP properties finished
> Ambari Server 'setup-ldap' completed successfully.
> {noformat}
> NOTE: this will require obtaining an Ambari administrator username and password to GET, PUT, and POST to the Ambari REST API.
> Note: "User group member attribute (memberOf)" is to be added to populate the existing {{ambari.ldap.attributes.user.group_member_attr}} Ambari configuration property (See {{org.apache.ambari.server.configuration.AmbariServerConfigurationKey#USER_GROUP_MEMBER_ATTRIBUTE}})



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)