Cloudera Manager 7.7.1 Cumulative hotfix 7

Know more about the Cloudera Manager 7.7.1 cumulative hotfixes 7.

This cumulative hotfix was released on April 20, 2023.

Following are the list of known issues and their corresponding workarounds that are shipped for Cloudera Manager 7.7.1 CHF7 (version: 7.7.1-h7-39964696):
OPSAPS-68689: Unable to emit the LDAP Bind password in core-site.xml for client configurations

If the CDP cluster has LDAP group to OS group mapping enabled, then applications running in Spark or Yarn would fail to authenticate to the LDAP server when trying to use the LDAP bind account during the LDAP group search.

This is because the LDAP bind password was not passed to the /etc/hadoop/conf/core-site.xml file. This was intended behavior to prevent leaking the LDAP bind password in a clear text field.

Set the LDAP Bind password through the HDFS client configuration safety valve.
  1. On the Cloudera Manager UI, navigate to the HDFS service, by clicking on the HDFS service under the Cluster.
  2. Click the Configuration tab. Search for the HDFS Client Advanced Configuration Snippet (Safety Valve) for hdfs-site.xml configuration parameter.

  3. Add an entry with the following values:
    • Name =
    • Value = (Enter the LDAP bind password here)
    • Description = Password for LDAP bind account
  4. Then click the Save Changes button to save the safety valve entry.

  5. Perform the instructions from the Manually Redeploying Client Configuration Files to manually deploy client configuration files to the cluster.

OPSAPS-68452: Azul Open JDK 8 and 11 are not supported with Cloudera Manager

Azul Open JDK 8 and 11 are not supported with Cloudera Manager. To use Azul Open JDK 8 or 11 for Cloudera Manager RPM/DEBs, you must manually create a symlink between the Zulu JDK installation path and the default JDK path.

After installing Azul Open JDK8 or 11, you must run the following commands on all the hosts in the cluster:
Azul Open JDK 8
# sudo ln -s /usr/lib/jvm/java-8-zulu-openjdk-jdk /usr/lib/jvm/java-8-openjdk
Ubuntu or Debian
# sudo ln -s /usr/lib/jvm/zulu-8-amd64 /usr/lib/jvm/java-8-openjdk
Azul Open JDK 11
For DEBs only
# sudo ln -s /usr/lib/jvm/zulu-11-amd64 /usr/lib/jvm/java-11
Following are the list of fixed issues that were shipped for Cloudera Manager 7.7.1 CHF7 (version: 7.7.1-h7-39964696):
  • OPSAPS-64429-Failure on template import if StubDFS created before CORE_SETTINGS
    If the service of type CORE_SETTINGS was explicitly defined in a cluster template, you could run into a failure to import such template. This issue is fixed now.
  • OPSAPS-64526
    When Cloudera Manager is configured to use PAM as an external authentication provider (for logins to Cloudera Manager), if a valid username is denied due to password expiration, then Cloudera Manager will deny all future login attempts for any username. This issue is fixed now.
  • OPSAPS-65267

    Cross-site sessions were prohibited in the latest browsers because of SameSite header by default was set to Lax. This issue is fixed now by adding SameSite=None with a secure attribute for the session cookies that are created after login so that cross-site secure cookies are supported.

    The secure attribute works only with TLS-configured clusters. You must have a TLS-enabled cluster for cross-site sessions to work.

  • NAV-7341-Spark extractor issues with HDFS namespace

    When Navigator is installed and started with CDP installation, the Agent could move Spark lineage files out of the lineage directory which are not processed by Navigator. This issue is fixed now.

  • The repositories for Cloudera Manager 7.7.1-CHF7 are listed in the following table:

    Table 1. Cloudera Manager 7.7.1-CHF7
    Repository Type Repository Location
    RHEL 8 Compatible Repository:
    Repository File:
    RHEL 7 Compatible Repository:
    Repository File:
    SLES 12 Repository:
    Repository File:
    Ubuntu 20 Repository:
    Repository file:
    Ubuntu 18 Repository:
    Repository file: