Securing Cloudera SearchPDF version

Enable LDAP authentication in Solr

You can configure LDAP-based authentication using Cloudera Manager at the Solr service level.

Solr supports LDAP authentication for external Solr clients including:
  • Command-line tools
  • curl
  • Web browsers
  • Solr Java clients
In some cases, Solr does not support LDAP authentication. Use Kerberos authentication instead in these cases. Solr does not support LDAP authentication with:
  • Search indexing components including the MapReduce indexer and Lily HBase indexer.
  • Solr internal requests such as those for replication or querying.
  • Hadoop delegation token management requests such as GETDELEGATIONTOKEN or RENEWDELEGATIONTOKEN.
  • Configuring LDAP authentication requires that Kerberos authentication is already configured and enabled in Solr.
  • For secure LDAP connections, it is a prerequisite that TLS/SSL has been configured and enabled in Solr.
  1. In Cloudera Manager select the Solr service.
  2. Click the Configuration tab.
  3. Select Scope > Solr.
  4. Select Category > Security.
  5. Select Enable LDAP Authentication.
  6. Enter the LDAP URL in the LDAP URL property.
    To configure a TLS encrypted LDAP connection, select one of the following options:
    • ldaps://<ldap_server>:<port>

      The default port is 636.

    OR

    • ldap://<ldap_server>:<port>

      The default port is 389.

      Select Enable LDAP TLS. This is not required when using an LDAP URL with prefix ldaps://, because that already specifies TLS.

    To configure LDAP with unencrypted transmission of usernames and passwords, set ldap://<ldap_server>:<port>, without setting Enable LDAP TLS.
  7. Configure only one of following mutually exclusive parameters:
    • LDAP BaseDN: Replaces the username with a "distinguished name" (DN) of the form: uid=userid,ldap_baseDN. Typically used for OpenLDAP server installation.
    • Active Directory Domain: Replaces the username with a string username@ldap_domain. Typically used for Active Directory server installation.
  8. Launch the Stale Configuration wizard to restart the Solr service and any dependent services.

We want your opinion

How can we improve this page?

What kind of feedback do you have?