[
https://issues.apache.org/jira/browse/AMBARI-18860?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15663805#comment-15663805
]
Hudson commented on AMBARI-18860:
---------------------------------
SUCCESS: Integrated in Jenkins build Ambari-branch-2.5 #314 (See
[https://builds.apache.org/job/Ambari-branch-2.5/314/])
AMBARI-18860. LDAPS must be used to communicate with an Active Directory
(vbrodetskyi:
[http://git-wip-us.apache.org/repos/asf?p=ambari.git&a=commit&h=2fdd066cf9eb81025738d75a5b8a0f1e83e4e85b])
* (edit)
ambari-server/src/test/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandlerTest.java
* (edit)
ambari-server/src/main/java/org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandler.java
> LDAPS must be used to communicate with an Active Directory when Kerberos is
> being enabled (BE)
> ----------------------------------------------------------------------------------------------
>
> Key: AMBARI-18860
> URL: https://issues.apache.org/jira/browse/AMBARI-18860
> Project: Ambari
> Issue Type: Task
> Components: ambari-server
> Affects Versions: 2.0.0
> Reporter: Vitaly Brodetskyi
> Assignee: Vitaly Brodetskyi
> Fix For: 2.5.0
>
> Attachments: AMBARI-18860.patch
>
>
> LDAPS must be used to communicate with an Active Directory when Kerberos is
> being enabled.
> This should be verified on input by the backend to ensure that the proper
> channel is open between Ambari and the Active Directory so Ambari can set and
> update passwords when managing accounts in the Active Directory.
> The LDAP URL, kerberos-env/ldap_url field must have the protocol set to ldaps
> rather than ldap (or anything else). Ideally the port is set correctly, be we
> cannot validate that since the LDAPS port can be changed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
