Hi Bala… Was anyone able to answer your question or have you solved this yourself.
Without seeing you schema it’s hard to tell what the issue is. However for the object class “groupOfNames”, it is expected that the “member” attribute is the “dn” of the user objects that exist in the group. Can you make sure this is the case? Also, have you checked the ambari-server.log to see if there are any interesting errors related to this? Rob On 10/19/15, 4:22 PM, "bjonnakuti" <[email protected]> wrote: >Hi, > >I am trying to use LDAP authentication for ambari. I am able to sync >users and groups but unable to sync group memberships. Below are the >details. > >Ambari Version : 2.1.2 >LDAP Version: openldap-2.4.31 > >*Ambari Configuration:* >authentication.ldap.baseDn=dc=qbe,dc=fulcrm,dc=com >authentication.ldap.bindAnonymously=false >authentication.ldap.dnAttribute=dn >authentication.ldap.groupMembershipAttr=member >authentication.ldap.groupNamingAttr=cn >authentication.ldap.groupObjectClass=groupOfNames >authentication.ldap.managerDn=cn=admin,dc=qbe,dc=fulcrm,dc=com >authentication.ldap.managerPassword=/etc/ambari-server/conf/ldap-password.dat >authentication.ldap.primaryUrl=10.206.0.24:389 >authentication.ldap.referral=ignore >authentication.ldap.useSSL=false >authentication.ldap.userObjectClass=person >authentication.ldap.usernameAttribute=uid > >We used member attribute to link the users to group. Can you please help >me fixing this issue. > >Thanks, >Bala
