[
https://issues.apache.org/jira/browse/AMBARI-24187?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated AMBARI-24187:
------------------------------------
Labels: pull-request-available (was: )
> Ambari Server Setup LDAP Label Updates
> --------------------------------------
>
> Key: AMBARI-24187
> URL: https://issues.apache.org/jira/browse/AMBARI-24187
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.7.0
> Reporter: Krisztian Kasa
> Assignee: Krisztian Kasa
> Priority: Major
> Labels: pull-request-available
> Fix For: 2.7.1
>
>
> Ask users to select ldap type ( AD, IPA, generic ldap) and provide inteligent
> defaults based on their choice:
> Active Directory
> {code:java}
> # ambari-server setup-ldap
> Using python /usr/bin/python
> Currently 'no auth method' is configured, do you wish to use LDAP instead
> [y/n] (y)?
> Primary LDAP Host:
> Primary LDAP Port:
> Secondary LDAP Host <Optional>:
> Secondary LDAP Port <Optional>:
> Use SSL [true/false] (false):
> User object class (user):
> User ID attribute (sAMAccountName):
> Group object class (group):
> Group name attribute (cn):
> Group member attribute (member):
> Distinguished name attribute (distinguishedName):
> Search Base (dc=ambari,dc=apache,dc=org):
> User Search Base (ou=users,dc=ambari,dc=apache,dc=org):
> Group Search Base (ou=groups,dc=ambari,dc=apache,dc=org):
> Referral method [follow/ignore] (follow):
> Bind anonymously [true/false] (false):
> Bind DN (cn=ldapbind,dc=ambari,dc=apache,dc=org):
> Enter Bind DN Password:
> Confirm Bind DN Password:
> Handling behavior for username collisions [convert/skip] for LDAP sync
> (skip):
> Force lower-case user names [true/false] (true):
> Results from LDAP are paginated when requested [true/false] (false):
> {code}
> IPA (very similar to generic ldap, but needs explicit search customization
> into cn=accounts (or cn=compat) else it returns 2 search results which tends
> to cause problems)
> {code:java}
> {code:java}
> # ambari-server setup-ldap
> Using python /usr/bin/python
> Currently 'no auth method' is configured, do you wish to use LDAP instead
> [y/n] (y)?
> Primary LDAP Host (ipa.ambari.apache.org):
> Primary LDAP Port (636):
> Secondary LDAP Host <Optional>:
> Secondary LDAP Port <Optional>:
> Use SSL [true/false] (true):
> Do you want to provide custom TrustStore for Ambari [y/n] (y)?
> TrustStore type [jks/jceks/pkcs12] (jks):
> Path to TrustStore file (/etc/pki/java/cacerts):
> Password for TrustStore (changeit):
> User object class (posixUser):
> User ID attribute (uid):
> Group object class (posixGroup):
> Group name attribute (cn):
> Group member attribute (memberUid):
> Distinguished name attribute (dn):
> Search Base (dc=ambari,dc=apache,dc=org):
> User Search Base (cn=users,cn=accounts,dc=ambari,dc=apache,dc=org):
> Group Search Base (cn=groups,cn=accounts,dc=ambari,dc=apache,dc=org):
> Referral method [follow/ignore] (follow):
> Bind anonymously [true/false] (false):
> Bind DN ( uid=ldapbind,cn=users,cn=accounts,dc=ambari,dc=apache,dc=org):
> Enter Bind DN Password:
> Confirm Bind DN Password:
> Handling behavior for username collisions [convert/skip] for LDAP sync
> (skip):
> {code}
> Generic LDAP (defaults here need validation, i'm not as familiar with this
> one)
> {code:java}
> # ambari-server setup-ldap
> Using python /usr/bin/python
> Currently 'no auth method' is configured, do you wish to use LDAP instead
> [y/n] (y)?
> Primary LDAP Host (ldap.ambari.apache.org):
> Primary LDAP Port (389):
> Secondary LDAP Host <Optional>:
> Secondary LDAP Port <Optional>:
> Use SSL [true/false] (false):
> Do you want to provide custom TrustStore for Ambari [y/n] (n)?
> User object class (posixUser):
> User ID attribute (uid):
> Group object class (posixGroup):
> Group name attribute (cn):
> Group member attribute (memberUid):
> Distinguished name attribute (dn):
> Search Base (dc=ambari,dc=apache,dc=org):
> User Search Base (cn=users,dc=ambari,dc=apache,dc=org):
> Group Search Base (cn=groups,dc=ambari,dc=apache,dc=org):
> Referral method [follow/ignore] (follow):
> Bind anonymously [true/false] (false):
> Bind DN ( uid=ldapbind,cn=users,dc=ambari,dc=apache,dc=org):
> Enter Bind DN Password:
> Confirm Bind DN Password:
> Handling behavior for username collisions [convert/skip] for LDAP sync
> (skip):
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
