Repository: ambari Updated Branches: refs/heads/branch-2.0.0 8b4ef2b69 -> 7f19da96c
AMBARI-9937. Ambari must support deployment on separate host (rlevas) Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/7f19da96 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/7f19da96 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/7f19da96 Branch: refs/heads/branch-2.0.0 Commit: 7f19da96cec63ce0d1c69e1be938e1b31e77f8f1 Parents: 8b4ef2b Author: Robert Levas <rle...@hortonworks.com> Authored: Mon Mar 9 15:06:55 2015 -0400 Committer: Robert Levas <rle...@hortonworks.com> Committed: Mon Mar 9 15:09:29 2015 -0400 ---------------------------------------------------------------------- .../KERBEROS/configuration/kerberos-env.xml | 104 +++++++++++++++++++ 1 file changed, 104 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/7f19da96/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml new file mode 100644 index 0000000..31833cb --- /dev/null +++ b/ambari-server/src/main/resources/stacks/HDP/2.2.GlusterFS/services/KERBEROS/configuration/kerberos-env.xml @@ -0,0 +1,104 @@ +<?xml version="1.0"?> +<?xml-stylesheet type="text/xsl" href="configuration.xsl"?> +<!-- +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +--> + +<configuration supports_final="false"> + <property require-input="true"> + <name>kdc_type</name> + <description> + The type of KDC being used. Either mit-kdc or active-directory + </description> + <value>mit-kdc</value> + </property> + + <property require-input="true"> + <name>ldap_url</name> + <description> + The URL to the Active Directory LDAP Interface + </description> + <value/> + </property> + + <property require-input="true"> + <name>container_dn</name> + <description> + The distinguished name (DN) of the container used store service principals + </description> + <value/> + </property> + + <property require-input="true"> + <name>encryption_types</name> + <description> + The supported list of session key encryption types that should be returned by the KDC. + </description> + <value>aes des3-cbc-sha1 rc4 des-cbc-md5</value> + </property> + + <property require-input="true"> + <name>realm</name> + <description> + The default realm to use when creating service principals + </description> + <value/> + </property> + + <property require-input="true"> + <name>kdc_host</name> + <description> + The IP address or FQDN for the KDC host. Optionally a port number may be included. + </description> + <value/> + </property> + + <property> + <name>admin_server_host</name> + <description> + The IP address or FQDN for the KDC Kerberos administrative host. Optionally a port number may be included. + </description> + <value/> + </property> + + + <property require-input="true"> + <name>create_attributes_template</name> + <description> + A Velocity template to use to generate a JSON-formatted document containing the set of + attribute names and values needed to create a new Kerberos identity in the relevant KDC. + Variables include: + principal_name, principal_primary, principal_instance, realm, realm_lowercase, + normalized_principal, principal digest, password, is_service, container_dn + </description> + <value> +{ + "objectClass": ["top", "person", "organizationalPerson", "user"], + "cn": "$principal_name", + #if( $is_service ) + "servicePrincipalName": "$principal_name", + #end + "userPrincipalName": "$normalized_principal", + "unicodePwd": "$password", + "accountExpires": "0", + "userAccountControl": "66048" +} + </value> + </property> +</configuration>