LDAP search fails with invalid credentials error

You are unable to log in to Hue and LDAP authentication fails with an "Invalid credentials" error.

Cause

This could be because of some misconfigured LDAP settings.

Solution

  1. Log in to Cloudera Manager as an Administrator.
  2. Go to Clusters > Hue service > Configuration and add the following lines in the field:
    [[ldap]]
    ldap_url=ldap://[***LDAP-SERVER***]:389 #or ldaps://[***LDAP-SERVER***]:636
    search_bind_authentication=true
    create_users_on_login=true
    base_dn="DC=adv,DC=sec,DC=mycompany,DC=com"
    bind_dn="binduser@adv.sec.mycompany.com"
    bind_password_script={{CMF_CONF_DIR}}/altscript.sh sec-5-bind_password
    test_ldap_user="[***LDAP-USERNAME***]"
    [[[users]]]
    user_filter="objectclass=person"
    user_name_attr="sAMAccountName"
    [[[groups]]]
    group_filter="objectclass=group"
    group_name_attr="CN"
    group_member_attr="member"
    [[ldap]]
    ldap_url=ldap://test1-2.adv.sec.cloudera.com:389
    search_bind_authentication=true
    create_users_on_login=true
    base_dn="DC=adv,DC=sec,DC=cloudera,DC=com"
    bind_dn="binduser@adv.sec.cloudera.com"
    bind_password_script={{CMF_CONF_DIR}}/altscript.sh sec-5-bind_password
    test_ldap_user="johnsmith"
    [[[users]]]
    user_filter="objectclass=person"
    user_name_attr="sAMAccountName"
    [[[groups]]]
    group_filter="objectclass=group"
    group_name_attr="CN"
    group_member_attr="member"
  3. Click Save Changes.
  4. Restart the Hue service.