[
https://issues.apache.org/jira/browse/AMBARI-8737?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hari Sekhon updated AMBARI-8737:
--------------------------------
Description:
Ambari LDAP useres currently require local Ambari accounts. However when
creating local accounts it insists on a local password being given - and
testing shows it allows login via either the local password or the ldap
password when they are different.
There should be an option to set the user to be ldap only and store no password.
I can see this should probably have been done via sync-ldap instead... but
allowing either the local or the ldap password seems a bit buggy to me, surely
ldap should take priority and local password should not be allowed at that
point.
was:
Ambari LDAP useres currently require local Ambari accounts. However when
creating local accounts it insists on a local password being given - and
testing shows it allows login via either the local password or the ldap
password when they are different.
There should be an option to set the user to be ldap only and store no password.
> LDAP users require local accounts
> ---------------------------------
>
> Key: AMBARI-8737
> URL: https://issues.apache.org/jira/browse/AMBARI-8737
> Project: Ambari
> Issue Type: Improvement
> Affects Versions: 1.7.0
> Reporter: Hari Sekhon
> Priority: Minor
>
> Ambari LDAP useres currently require local Ambari accounts. However when
> creating local accounts it insists on a local password being given - and
> testing shows it allows login via either the local password or the ldap
> password when they are different.
> There should be an option to set the user to be ldap only and store no
> password.
> I can see this should probably have been done via sync-ldap instead... but
> allowing either the local or the ldap password seems a bit buggy to me,
> surely ldap should take priority and local password should not be allowed at
> that point.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
