Generic, Open LDAP setup example

If the users for whom you want to enable authentication into Ambari UI are stored in LDAP, you should configure Ambari to integrate directly against your LDAP instance. Selecting Generic LDAP as an LDAP type helps the wizard configure some smarter defaults for the the attribute values that tend to work in most OpenLDAP instances.

Gather details about your OpenLDAP instance from your LDAP administrator and provide them as input to the cli wizard. Verify the settings before you confirm them as these instances can be configured in various ways.

To configure LDAP integration against generic LDAP using the cli wizard:

Run ambari-server setup-ldap on the Ambari server host.

Provide the following information about your domain.

Prompt	Example value for OpenLDAP
Please select the type of LDAP you want to use :	Generic
Primary URL Host*	openldap.hortonworks.site
Primary URL Port	389
Secondary URL Host (optional)
Secondary URL Port (optional)
Use SSL*	false
Do you want to provide custom TrustStore for Ambari [y/n]	n
TrustStore type
Path to TrustStore
Password for TrustStore
User object class	organizationalPerson
User name attribute*	uid
Group object class*	groupOfNames
Group name attribute*	cn
Group member attribute*	uniquemember
Distinguished name attribute*
Search Base	ou=people,dc=hortonworks,dc=site
Referral method*	follow
Bind anonymously*	false
Bind DN:	uid=ldapbind,ou=people,dc=hortonworks,dc=site
Bind DN Password:
Handling behavior for username collisions:	convert
Force lower-case user names	true
Results from LDAP are paginated when requeste	false

Verify your default settings.

Synchronize your LDAP users and groups.