[
https://issues.apache.org/jira/browse/AMBARI-10709?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Laser updated AMBARI-10709:
---------------------------
Description:
Currently Amabari project does not provide a way for very security conscious
clients to get editable scripts to be run on their system .
In a real world scenario with enterprise level customers, there will be no way
that these customers will let the Ambari wizard run anything on the
organization LDAP server .
What we suggest to contribute is a framework which is based on "IBM''s
kerberos automation toolkit for hadoop ", more details can be found here :
https://developer.ibm.com/hadoop/blog/2014/12/11/ibms-kerberos-automation-toolkit-hadoop/
This toolkit supports building scripts and other resources for both "openLDAP"
and "Active Directory" in order to ease up the configuration of kerberos on
hadoop enviornments for security concious clients . these scripts and artifacts
are created based on the clients topology . and have been tested at various
client sites.
was:
Currently Amabari project does not provide a way for very security conscious
clients to get editable scripts to be run on their system .
In a real world scenario with enterprise level customers, there will be no way
that these customers will let the Ambari wizard run anything on the
organization LDAP server .
What we suggest to contribute is a framework which is based on "IBM''s
kerberos automation toolkit for hadoop ", more details can be found here :
https://developer.ibm.com/hadoop/blog/2014/12/11/ibms-kerberos-automation-toolkit-hadoop/
This toolkit supports building scripts and other resources in order to ease up
the enablement of kerberos on hadoop enviornments for security concious clients
. these scripts and artifacts are created based on the clients topology . and
have been tested at various client sites.
> Kerberos automation via generated scripts
> -----------------------------------------
>
> Key: AMBARI-10709
> URL: https://issues.apache.org/jira/browse/AMBARI-10709
> Project: Ambari
> Issue Type: New Feature
> Components: security
> Reporter: Laser
>
> Currently Amabari project does not provide a way for very security conscious
> clients to get editable scripts to be run on their system .
> In a real world scenario with enterprise level customers, there will be no
> way that these customers will let the Ambari wizard run anything on the
> organization LDAP server .
> What we suggest to contribute is a framework which is based on "IBM''s
> kerberos automation toolkit for hadoop ", more details can be found here :
> https://developer.ibm.com/hadoop/blog/2014/12/11/ibms-kerberos-automation-toolkit-hadoop/
> This toolkit supports building scripts and other resources for both
> "openLDAP" and "Active Directory" in order to ease up the configuration of
> kerberos on hadoop enviornments for security concious clients . these scripts
> and artifacts are created based on the clients topology . and have been
> tested at various client sites.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
