Port requirements for AD in Cloudera Data Warehouse on premisesd
Review the ports that you must use for Active Directory (AD) in Cloudera Data Warehouse on premises. Cloudera recommends that you use AD Global Catalog ports 3268 and 3269 if you are using LDAP referrals.
In Cloudera Data Warehouse, neither Hive nor Impala can use the standard LDAP
referrals. Therefore, you cannot use the standard LDAP ports 389
and 636
for
TLS/SSL with AD. Instead, you must use Active Directory Global Catalog ports 3268
and
3269
for TLS/SSL.
Cloudera Data Warehouse performs port validation when you activate an environment
in Cloudera Data Warehouse. The validation process only indicates a problem if you
have configured AD, but you have not included a port in the LDAP URL in the Cloudera Management Console. In this scenario, the Database Catalog does not reach the
Ready state, and you see the following error:
Active Directory servers should be used through the Global Catalog ports: 3268/3269If you specify any port number in the LDAP URL, then no error message is displayed.
