How to configure the Ambari Authentication with LDAP (FreeIPA)
How to configure the Ambari Authentication with LDAP (FreeIPA)
If you are here , then you must be looking for ways to integrate Ambari to the LDAP. To Enable authentication should configure Ambari to integrate directly against your IPA instance.
Steps :
1. Run ambari-server setup-ldap on the Ambari server host.
2. Provide the following information about your domain.
Prompt Example value for IPA
do you wish to use LDAP instead [y/n] (y) Y
Primary URL Host* ipa.hadoopcluster.site
Primary URL Port 389
Secondary URL Host (optional)
Secondary URL Port (optional)
Use SSL* [true/false] (false): false
User object class* (person): person
User name attribute* (uid): uid
Group object class* (posixGroup): posixGroup
Group name attribute* (cn): cn
Group member attribute* (memberUid): member
Distinguished name attribute* (dn): dn
Base DN* (dc=ambari,dc=apache,dc=org): cn=accounts,dc=hadoopcluster,dc=com
Referral method [follow/ignore] : follow
Bind anonymously* [true/false] (false): false
Handling behavior for username collisions [convert/skip] for LDAP sync* (convert): convert
Force lower-case user names [true/false] : true
Results from LDAP are paginated when requested [true/false] : false
Manager DN* : uid=hadoopadmin,cn=users,cn=accounts,dc=hadoopcluster,dc=com
Enter Manager Password* :
Re-enter password:
After you Pass on these settings "Review Settings" will be shown up and it'll ask to save the configurations. Then it'll ask the amabari Admin name/password to set Ambari server ldap.
Save settings [y/n] (y)? y
Saving LDAP properties...
Enter Ambari Admin login: admin
Enter Ambari Admin password:
Saving LDAP properties finished
Ambari Server 'setup-ldap' completed successfully.
[root@hadoopcluster ldaptool]#
3. Restart Ambari Server.
[root@hadoopcluster ldaptool]# ambari-server restart
Using python /usr/bin/python
Check the ambari Server statusUsing python /usr/bin/python
[root@hadoopcluster ldaptool]# ambari-server status
Using python /usr/bin/python
Ambari-server status
Ambari Server running
Found Ambari Server PID: 4214 at: /var/run/ambari-server/ambari-server.pid
[root@hadoopcluster ldaptool]#
Using python /usr/bin/python
Ambari-server status
Ambari Server running
Found Ambari Server PID: 4214 at: /var/run/ambari-server/ambari-server.pid
[root@hadoopcluster ldaptool]#
Now we need to sync the ldap to amabari server.
[root@hadoopcluster ldaptool]# ambari-server sync-ldap --all
Using python /usr/bin/python
Syncing with LDAP...
Enter Ambari Admin login: admin
Enter Ambari Admin password:
Fetching LDAP configuration from DB.
Syncing all...
Completed LDAP Sync.
Summary:
memberships:
removed = 0
created = 41
users:
skipped = 0
removed = 0
updated = 3
created = 19
groups:
updated = 0
removed = 0
created = 13
Ambari Server 'sync-ldap' completed successfully.
[root@hadoopcluster ldaptool]#
Using python /usr/bin/python
Syncing with LDAP...
Enter Ambari Admin login: admin
Enter Ambari Admin password:
Fetching LDAP configuration from DB.
Syncing all...
Completed LDAP Sync.
Summary:
memberships:
removed = 0
created = 41
users:
skipped = 0
removed = 0
updated = 3
created = 19
groups:
updated = 0
removed = 0
created = 13
Ambari Server 'sync-ldap' completed successfully.
[root@hadoopcluster ldaptool]#
About Manas Ranjan Tripathy
No comments