By default in Data Center installations, Atlas uses PAM
authentication, which means valid Atlas users correspond to the users
configured for the operating system on the host where Atlas runs. Cloud
installations do not use PAM authentication.
These steps describe setting properties to enable PAM
authentication. To disable PAM, you can remove the properties or set the
PAM authentication method property to false. If you leave the PAM
authentication method to true and set another authentication method to
true, Atlas uses both methods to authenticate users.
Minimum Required Role in Cloudera Manager: Full Administrator.
In Cloudera Manager, select the Atlas service, then open the
Configuration tab.
To display the appropriate property, type "safety" in the Search
box.
Find the Atlas Server Advanced Configuration Snippet
(Safety Valve) for
conf/atlas-application.properties.
In the safety valve, set the following properties:
atlas.authentication.method.pam=true
atlas.authentication.method.pam.service=login service
where login service indicates the desired
PAM login service. For example, set
atlas.authentication.method.pam.service=login to
use /etc/pam.d/login.
Click Save Changes.
Restart the Atlas service.
Once the PAM authentication is enabled for Atlas on a Private Cloud
Base cluster, to access Atlas, note the following:
If Atlas was configured using LDAP or Active
Directory, the same user role which was set-up can be authenticated and
used for accessing Atlas.
For an Operating System user, you can add the user using useradd or
adduser commands and later access Atlas.
These steps describe setting properties to enable PAM
authentication. To disable PAM, you can remove the properties or set the
PAM authentication method property to false. If you leave the PAM
authentication method to true and set another authentication method to
true, Atlas uses both methods to authenticate users.
