Configure authentication using Active Directory

How to configure authentication using Active Directory in Cloudera Manager.

  1. Log in to the Cloudera Manager Admin Console.
  2. Select Administration > Settings
  3. Select External Authentication in the Category filter.
  4. For Authentication Backend Order, select the order in which Cloudera Manager should look up authentication credentials for login attempts.
    The Authentication Backend Order options are :
    • Database Only
    • External then Database
    • Database then External
    • External Only (with emergency Administrator access)
    • External Only (without emergency Administrator access)
  5. For External Authentication Type, select Active Directory.
  6. In the LDAP URL property, enter the URL of the Active Directory server.
  7. In the Active Directory Domain property, provide the domain to authenticate against.

    LDAP URL and Active Directory are the only settings required to allow anyone in Active Directory to log in to Cloudera Manager.

    For example, if you set LDAP URL to ldap://adserver.example.com and the Active Directory Domain to ADREALM.EXAMPLE.COM, users can log into Cloudera Manager using just their username, such as sampleuser. They no longer require the complete string: sampleuser@ADREALM.EXAMPLE.COM.

  8. Restart the Cloudera Manager Server.