Securing HuePDF version

Import and synchronize users and groups with an LDAP server in Hue

Configuring Hue for Lightweight Directory Access Protocol (LDAP) enables you to import users and groups from a directory service, synchronize group membership manually or automatically at login, and authenticate users with LDAP.

To synchronize your Hue users and groups with your LDAP server:
  • Hue must be configured to authenticate with LDAP.
  • The logged in user must have Hue superuser permissions.

There are four LDAP import and sync options in Hue:

LDAP Sync Action Description
Add/Sync LDAP user Import and synchronize one user at a time
Sync LDAP users/groups Synchronize user memberships in all groups
Add/Sync LDAP group Import and synchronize all users in one group
sync_groups_at_login Automatically synchronize group membership at login
  1. Import and synchronize LDAP users in Hue:


    To import and synchronize one LDAP user in Hue:
    1. Log on to the Hue UI as a superuser.
    2. Go to User Admin > Users.
    3. Click Add/Sync LDAP user.
    4. Add a username, check Create home directory, and click Add/Sync user.
    To synchronize group memberships for LDAP users who have already been imported to Hue:
    1. Log on to the Hue UI as a superuser.
    2. Go to User Admin > Users.
    3. Click Sync LDAP users/groups.
    4. Check Create home directories, and click Sync.
  2. Import and synchronize LDAP groups in Hue:


    To import and synchronize one LDAP group containing its users:
    1. Log on to the Hue UI as a superuser.
    2. Go to User Admin > Groups.
    3. Click Add/Sync LDAP group.
    4. Check Create home directories, and click Sync.
    To configure Hue to automatically synchronize LDAP groups and their users when they log in to Hue:
    1. Log on to Cloudera Manager and click Hue.
    2. Click the Configuration tab and filter by scope=Service-wide and category=Advanced.
    3. Enter the following text in the Hue Service Advanced Configuration Snippet (Safety Valve) for hue_safety_valve.ini text box:

      [desktop]
      [[ldap]]
        sync_groups_on_login=true


    4. Click Save Changes and Restart Hue.