Generic, Open LDAP setup example
If the users for whom you want to enable authentication into Ambari UI are stored in LDAP, you should configure Ambari to integrate directly against your LDAP instance. Selecting Generic LDAP as an LDAP type helps the wizard configure some smarter defaults for the the attribute values that tend to work in most OpenLDAP instances.
To configure LDAP integration against generic LDAP using the cli wizard:
-
Run
ambari-server setup-ldap
on the Ambari server host. -
Provide the following information about your domain.
Prompt Example value for OpenLDAP Please select the type of LDAP you want to use : Generic Primary URL Host* openldap.hortonworks.site Primary URL Port 389 Secondary URL Host (optional) Secondary URL Port (optional) Use SSL* false Do you want to provide custom TrustStore for Ambari [y/n] n TrustStore type Path to TrustStore Password for TrustStore User object class organizationalPerson User name attribute* uid Group object class* groupOfNames Group name attribute* cn Group member attribute* uniquemember Distinguished name attribute* Search Base ou=people,dc=hortonworks,dc=site Referral method* follow Bind anonymously* false Bind DN: uid=ldapbind,ou=people,dc=hortonworks,dc=site Bind DN Password: Handling behavior for username collisions: convert Force lower-case user names true Results from LDAP are paginated when requeste false - Verify your default settings.