It does not appear that you have provided a Manager DN or password, nor any keystore or truststore properties. In order to connect over LDAPS, you will need at least a truststore with the public certificate of the LDAPS server (or one of the CAs that signed it) in order to verify the connection. You may also need a keystore containing a private key for this instance if mutual authentication TLS is desired. [1]
Finally, you will need the manager DN and password in order to authenticate into the LDAPS server to perform queries.

[1] http://www.openldap.org/doc/admin24/tls.html

Andy LoPresto
[email protected]
[email protected]
PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69

> On Jul 24, 2017, at 5:41 AM, Matt Gilman <[email protected]> wrote:
>
> Alex,
>
> The screenshots did not come through in your message. Can you compare the
> DN you're authenticating as with the DN of your user in the users.xml file?
> These must match. The DN you're authenticating as will be printed in the
> <NIFI_HOME>/logs/nifi-user.log file.
>
> Thanks
>
> Matt
>
> On Mon, Jul 24, 2017 at 1:55 AM, Aolong Ding -X (aoding - Insigma Hengtian
> at Cisco) <[email protected]> wrote:
>
>> Hi all,
>>
>> I am trying to integrate nifi with ldap, this is my configuration:
>>
>> <provider>
>>     <identifier>ldap-provider</identifier>
>>     <class>org.apache.nifi.ldap.LdapProvider</class>
>>     <property name="Authentication Strategy">SIMPLE</property>
>>     <property name="Manager DN"></property>
>>     <property name="Manager Password"></property>
>>     <property name="TLS - Keystore"></property>
>>     <property name="TLS - Keystore Password"></property>
>>     <property name="TLS - Keystore Type"></property>
>>     <property name="TLS - Truststore"></property>
>>     <property name="TLS - Truststore Password"></property>
>>     <property name="TLS - Truststore Type"></property>
>>     <property name="TLS - Client Auth"></property>
>>     <property name="TLS - Protocol"></property>
>>     <property name="TLS - Shutdown Gracefully"></property>
>>
>>     <property name="Referral Strategy">FOLLOW</property>
>>     <property name="Connect Timeout">10 secs</property>
>>     <property name="Read Timeout">10 secs</property>
>>     <property name="Url">ldaps://*xxxxxxx:port*</property>
>>     <property name="User Search Base">ou=xxx,o=xxxx</property>
>>     <property name="User Search Filter">uid={0}</property>
>>     <property name="Identity Strategy">USE_DN</property>
>>     <property name="Authentication Expiration">50 minutes</property>
>> </provider>
>>
>> I can always start nifi, input username and password, if the username and
>> password are not correct, it will send an error message to me, so I think
>> the configuration is okay, but when I input correct username and password
>> then click log in while I am tailing nifi-user.log, there is no output of
>> tail command, and on my browser, this is my screen:
>>
>> After I click home, the tail command will output:
>>
>> Could anybody give me a hand?
>>
>> Thanks
>>
>> Alex
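
As an added example (not part of the original thread and not NiFi project code), the following Python check reads one `<provider>` block and reports the gaps named in the reply above: an empty Manager DN or password, and empty truststore properties when the `Url` is `ldaps://`. The sample input is constructed from the quoted configuration with a placeholder host and port, and the function name `lint_ldap_provider` is hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the provider block from the quoted message, trimmed to
# the properties this check reads. Host and port are placeholders.
SAMPLE_PROVIDER = """
<provider>
    <identifier>ldap-provider</identifier>
    <class>org.apache.nifi.ldap.LdapProvider</class>
    <property name="Authentication Strategy">SIMPLE</property>
    <property name="Manager DN"></property>
    <property name="Manager Password"></property>
    <property name="TLS - Keystore"></property>
    <property name="TLS - Keystore Password"></property>
    <property name="TLS - Truststore"></property>
    <property name="TLS - Truststore Password"></property>
    <property name="TLS - Truststore Type"></property>
    <property name="Url">ldaps://ldap.example.invalid:636</property>
</provider>
"""

TRUSTSTORE_PROPS = ("TLS - Truststore", "TLS - Truststore Password",
                    "TLS - Truststore Type")


def lint_ldap_provider(xml_text):
    """Return a list of findings for one <provider> element (hypothetical helper)."""
    root = ET.fromstring(xml_text)
    props = {p.get("name"): (p.text or "").strip() for p in root.iter("property")}
    findings = []
    # The manager account is what authenticates to the directory to run queries.
    for name in ("Manager DN", "Manager Password"):
        if not props.get(name):
            findings.append(f"{name} is empty")
    if props.get("Url", "").lower().startswith("ldaps://"):
        # LDAPS needs a truststore to verify the server certificate.
        for name in TRUSTSTORE_PROPS:
            if not props.get(name):
                findings.append(f"{name} is empty but Url is ldaps://")
    # A keystore is only needed for mutual TLS; if one is named it needs a password.
    if props.get("TLS - Keystore") and not props.get("TLS - Keystore Password"):
        findings.append("TLS - Keystore is set without TLS - Keystore Password")
    return findings


if __name__ == "__main__":
    for finding in lint_ldap_provider(SAMPLE_PROVIDER):
        print("FINDING:", finding)
```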
