-->

DEVOPSZONES

  • Recent blogs

    How to configure the Ambari Authentication with LDAP (FreeIPA)

    How to configure the Ambari Authentication with LDAP (FreeIPA)

    amabari

    If you are here , then you must be looking for ways to integrate  Ambari to the LDAP. To Enable authentication should configure Ambari to integrate directly against your IPA instance.

    Steps :


    1. Run ambari-server setup-ldap on the Ambari server host.
    2. Provide the following information about your domain.

    Prompt                                                                       Example value for IPA
    do you wish to use LDAP instead [y/n] (y)                                  Y
    Primary URL Host*                                                        ipa.hadoopcluster.site
    Primary URL Port                                                                   389
    Secondary URL Host (optional)                                          
    Secondary URL Port (optional)                                            
    Use SSL* [true/false] (false):                                                      false
    User object class* (person):                                                       person
    User name attribute* (uid):                                                          uid
    Group object class* (posixGroup):                                         posixGroup
    Group name attribute* (cn):                                                          cn
    Group member attribute* (memberUid):                                   member
    Distinguished name attribute* (dn):                                             dn
    Base DN* (dc=ambari,dc=apache,dc=org):                  cn=accounts,dc=hadoopcluster,dc=com
    Referral method [follow/ignore] :                                                   follow
    Bind anonymously* [true/false] (false):                                             false
    Handling behavior for username collisions [convert/skip] for LDAP sync* (convert):    convert
    Force lower-case user names [true/false] :                                           true
    Results from LDAP are paginated when requested [true/false] :         false
    Manager DN* :                                                          uid=hadoopadmin,cn=users,cn=accounts,dc=hadoopcluster,dc=com
    Enter Manager Password* :
    Re-enter password:

    After you Pass on these settings "Review Settings" will be shown up and it'll ask to save the configurations. Then it'll ask the amabari Admin name/password to set Ambari server ldap.

    Save settings [y/n] (y)? y
    Saving LDAP properties...
    Enter Ambari Admin login: admin
    Enter Ambari Admin password:
    Saving LDAP properties finished
    Ambari Server 'setup-ldap' completed successfully.
    [root@hadoopcluster ldaptool]#


    3. Restart Ambari Server.

    [root@hadoopcluster ldaptool]# ambari-server restart
    Using python  /usr/bin/python

    Check the ambari Server status

    [root@hadoopcluster ldaptool]# ambari-server status
    Using python  /usr/bin/python
    Ambari-server status
    Ambari Server running
    Found Ambari Server PID: 4214 at: /var/run/ambari-server/ambari-server.pid
    [root@hadoopcluster ldaptool]#


    Now we need to sync the ldap to amabari server.


    [root@hadoopcluster ldaptool]# ambari-server sync-ldap --all
    Using python  /usr/bin/python
    Syncing with LDAP...
    Enter Ambari Admin login: admin
    Enter Ambari Admin password:

    Fetching LDAP configuration from DB.
    Syncing all...

    Completed LDAP Sync.
    Summary:
      memberships:
        removed = 0
        created = 41
      users:
        skipped = 0
        removed = 0
        updated = 3
        created = 19
      groups:
        updated = 0
        removed = 0
        created = 13

    Ambari Server 'sync-ldap' completed successfully.
    [root@hadoopcluster ldaptool]#

    No comments