Import and synchronize users and groups with an LDAP server in Hue
Configuring Hue for Lightweight Directory Access Protocol (LDAP) enables you to import users and groups from a directory service, synchronize group membership manually or automatically at login, and authenticate users with LDAP.
To synchronize your Hue users and groups with your LDAP server:
- Hue must be configured to authenticate with LDAP.
- The logged in user must have Hue superuser permissions.
There are four LDAP import and sync options in Hue:
| LDAP Sync Action | Description |
|---|---|
| Add/Sync LDAP user | Import and synchronize one user at a time |
| Sync LDAP users/groups | Synchronize user memberships in all groups |
| Add/Sync LDAP group | Import and synchronize all users in one group |
sync_groups_at_login |
Automatically synchronize group membership at login |
-
Import and synchronize LDAP users in Hue:
To import and synchronize one LDAP user in Hue:- Log on to the Hue UI as a superuser.
- Go to .
- Click Add/Sync LDAP user.
- Add a username, check Create home directory, and click Add/Sync user.
To synchronize group memberships for LDAP users who have already been imported to Hue:- Log on to the Hue UI as a superuser.
- Go to .
- Click Sync LDAP users/groups.
- Check Create home directories, and click Sync.
-
Import and synchronize LDAP groups in Hue:
To import and synchronize one LDAP group containing its users:- Log on to the Hue UI as a superuser.
- Go to .
- Click Add/Sync LDAP group.
- Check Create home directories, and click Sync.
To configure Hue to automatically synchronize LDAP groups and their users when they log in to Hue:- Log on to Cloudera Manager and click Hue.
- Click the Configuration tab and filter by scope=Service-wide and category=Advanced.
-
Enter the following text in the Hue Service Advanced Configuration Snippet (Safety Valve) for hue_safety_valve.ini text box:
[desktop] [[ldap]] sync_groups_on_login=true
- Click Save Changes and Restart Hue.
