[jira] [Created] (AMBARI-24951) Use Ambari CLI to specify which services should be setup for LDAP integration

Mon, 26 Nov 2018 02:03:29 -0800 

Sandor Molnar created AMBARI-24951:
--------------------------------------

             Summary: Use Ambari CLI to specify which services should be setup 
for LDAP integration
                 Key: AMBARI-24951
                 URL: https://issues.apache.org/jira/browse/AMBARI-24951
             Project: Ambari
          Issue Type: Task
          Components: ambari-server
    Affects Versions: 2.8.0
            Reporter: Sandor Molnar
            Assignee: Sandor Molnar
             Fix For: 2.8.0


Use Ambari CLI to specify which services should be setup for LDAP integration.
{noformat:title=Example}
[root@c7402 ~]# ambari-server setup-ldap
Using python  /usr/bin/python
Currently 'no auth method' is configured, do you wish to use LDAP instead [y/n] 
(y)? y
Enter Ambari Admin login: admin
Enter Ambari Admin password:

Fetching LDAP configuration from DB. No configuration.
Please select the type of LDAP you want to use [AD/IPA/Generic](Generic):
Primary LDAP Host (ldap.ambari.apache.org): c7401.ambari.apache.org
Primary LDAP Port (389):
Secondary LDAP Host <Optional>:
Secondary LDAP Port <Optional>:
Use SSL [true/false] (false):
User object class (posixUser):
User ID attribute (uid):
User group member attribute (memberOf): 
Group object class (posixGroup):
Group name attribute (cn):
Group member attribute (memberUid):
Distinguished name attribute (dn):
Search Base (dc=ambari,dc=apache,dc=org):
Referral method [follow/ignore] (follow):
Bind anonymously [true/false] (false):
Bind DN (uid=ldapbind,cn=users,dc=ambari,dc=apache,dc=org): 
uid=admin,cn=users,dc=ambari,dc=apache,dc=org
Enter Bind DN Password:
Confirm Bind DN Password:
Handling behavior for username collisions [convert/skip] for LDAP sync (skip):
Force lower-case user names [true/false]:true
Results from LDAP are paginated when requested [true/false]:true
Use LDAP authentication for Ambari [y/n] (n)?
Manage LDAP configurations for eligible services [y/n] (n)? y
 Manage LDAP for all services [y/n] (n)?
    Manage LDAP for HDFS [y/n] (y)? y
    Manage LDAP for YARN [y/n] (y)? y
    ...
Save settings [y/n] (y)? y
Saving LDAP properties...
Saving LDAP properties finished
Ambari Server 'setup-ldap' completed successfully.
{noformat}
NOTE: this will require obtaining an Ambari administrator username and password 
to GET, PUT, and POST to the Ambari REST API.

Note: "User group member attribute (memberOf)" is to be added to populate the 
existing {{ambari.ldap.attributes.user.group_member_attr}} Ambari configuration 
property (See 
{{org.apache.ambari.server.configuration.AmbariServerConfigurationKey#USER_GROUP_MEMBER_ATTRIBUTE}})



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to