LDAP search fails with invalid credentials error

LDAP authentication fails with an "Invalid credentials" error, even if you input valid login credentials on the Hue login page, and you are unable to log into Hue. To resolve this issue, verify and update the LDAP Bind User credentials using Cloudera Manager.

This issue may happen if the credentials for the LDAP Bind User for Hue configured in Cloudera Manager are invalid. The invalid credentials could either be the “LDAP Bind Password" or "LDAP Bind User Distinguished Name". If the credentials are valid and the issue persists, verify that LDAP Search Base option in Cloudera Manager > Hue > Configurations is valid. The LDAP search base should be similar to 'dc=hadoop,dc=mycompany,dc=com'.

This task assumes that the Use Search Bind Authentication option is enabled in Cloudera Manager > Hue > Configurations. Search Bind Authentication connects to the LDAP server using the credentials provided in the 'bind_dn' and 'bind_password' configurations. If these configurations are not set, then an anonymous search is performed.

If the Use Search Bind Authentication option is not enabled in Cloudera Manager > Hue > Configurations, then do not set the LDAP Bind User credentials as described in this task. You must use the LDAP Username Pattern field for configuring the LDAP credentials, and verify whether the authentication works as expected.

  1. Log in to Cloudera Manager as an Administrator.
  2. Go to Clusters > Hue > Configurations.
  3. Set the LDAP Bind User credentials in the following fields:
    • LDAP Bind User Distinguished Name
    • LDAP Bind Password
    You can specify the LDAP Bind User Distinguished Nameeither in the generic LDAPv3 Distinguished Name ("CN=binduser,OU=users,DC=Example,dc=com") format or the Active Directory style (binduser@EXAMPLE.COM) format.
  4. Click Save Changes.
  5. Restart the Hue service.