Phil created NIFI-11939:
---------------------------
Summary: NiFi shuts down on startup if LDAP bind fails in authorizers.xml
Key: NIFI-11939
URL: https://issues.apache.org/jira/browse/NIFI-11939
Project: Apache NiFi
Issue Type: Improvement
Components: Configuration
Affects Versions: 1.23.0
Environment: Linux Centos 7
Reporter: Phil
Attachments: ldapbind.txt
When NiFi is started and authorizers.xml is configured with
ldap-user-group-provider:

<userGroupProvider>
<identifier>ldap-user-group-provider</identifier>
<class>org.apache.nifi.ldap.tenants.LdapUserGroupProvider</class>
<property name="Authentication Strategy">SIMPLE</property>

and the LDAP Manager DN fails to bind for any reason (e.g. a change of
password, or a change of the bind user's DN location):

Properties --
<property name="Manager DN">CN=svcNifi,CN=Users,DC=lab,DC=ad,DC=local</property>
<property name="Manager Password">badpassword</property>
--------------

the NiFi nodes will shut down on service restart.
This needs to be configurable, as the admin certificate is still available
to allow access to NiFi in an emergency.
There are many reasons why the LDAP bind user may fail in a production
environment where separate teams are responsible for AD security and for the
administration of NiFi.
Someone unknowingly changing the LDAP service account for NiFi should not
result in a total NiFi outage if all nodes are restarted.
This happened to us this week where a security team reset the service account
password without understanding the consequences.
NiFi had been up for 299 days prior. A planned outage was performed to update
SSL certificates on all nodes. When the cluster was restarted, NiFi immediately
shut down on startup, resulting in a 2.5 hour outage while we tracked down the
issue.
I believe this should be fixed ASAP; if there isn't already a flag to control
this behaviour on startup, one should be added. It's not easy to fault-find and
can cause a small planned outage to escalate into something much larger.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
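The failure mode in the issue above (a rotated service-account password that is only discovered when every node refuses to start) is easy to catch before a restart. The following is an added example, not code from the issue or from the Apache NiFi project: it reads the LdapUserGroupProvider settings out of authorizers.xml and performs the same LDAPv3 simple bind NiFi would attempt, using only the Python standard library (a hand-rolled BER encoder for the BindRequest rather than an LDAP client library). The sample authorizers.xml is constructed from the fragment in the report; the "Url" property name, the host dc1.lab.ad.local, and the "ldap_bind_check.py" script name are assumptions. It only handles plaintext property values, not ones protected with NiFi's encrypt-config tooling.

```python
"""Added example: check that the LdapUserGroupProvider's Manager DN can still
bind before restarting NiFi, using only the standard library."""
import socket
import ssl
import sys
from urllib.parse import urlsplit
import xml.etree.ElementTree as ET

LDAP_PROVIDER_CLASS = "org.apache.nifi.ldap.tenants.LdapUserGroupProvider"
# RFC 4511 resultCode values a failing manager bind commonly returns.
RESULT_NAMES = {0: "success", 8: "strongerAuthRequired", 32: "noSuchObject",
                49: "invalidCredentials", 53: "unwillingToPerform"}

# Constructed sample modelled on the issue's fragment. The "Url" property name
# and the host are assumptions; the password is the bad one from the report.
SAMPLE_AUTHORIZERS_XML = """<authorizers>
  <userGroupProvider>
    <identifier>ldap-user-group-provider</identifier>
    <class>org.apache.nifi.ldap.tenants.LdapUserGroupProvider</class>
    <property name="Authentication Strategy">SIMPLE</property>
    <property name="Manager DN">CN=svcNifi,CN=Users,DC=lab,DC=ad,DC=local</property>
    <property name="Manager Password">badpassword</property>
    <property name="Url">ldap://dc1.lab.ad.local:389</property>
  </userGroupProvider>
</authorizers>
"""

def ldap_provider_settings(xml_text):
    """Bind settings of the LdapUserGroupProvider in authorizers.xml, or None."""
    for ugp in ET.fromstring(xml_text).iter("userGroupProvider"):
        if (ugp.findtext("class") or "").strip() != LDAP_PROVIDER_CLASS:
            continue
        # Values protected with NiFi's encrypt-config carry an "encryption"
        # attribute; this example only handles plaintext values.
        props = {p.get("name"): (p.text or "").strip() for p in ugp.findall("property")}
        return {"strategy": props.get("Authentication Strategy"), "url": props.get("Url"),
                "manager_dn": props.get("Manager DN"),
                "manager_password": props.get("Manager Password")}
    return None

# Minimal BER, enough for an LDAPv3 simple bind (RFC 4511 section 4.2).
def _ber_len(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def _ber(tag, payload):
    return bytes([tag]) + _ber_len(len(payload)) + payload

def _ber_int(value):  # non-negative INTEGER, sign bit kept clear
    return _ber(0x02, value.to_bytes((value.bit_length() + 8) // 8, "big"))

def build_bind_request(message_id, dn, password):
    """LDAPMessage { messageID, [APPLICATION 0] BindRequest { 3, dn, simple [0] pw } }"""
    bind = _ber(0x60, _ber_int(3) + _ber(0x04, dn.encode()) + _ber(0x80, password.encode()))
    return _ber(0x30, _ber_int(message_id) + bind)

def _read_tlv(buf, pos):
    """Return (tag, value, end) of the TLV at pos; IndexError if buf is too short."""
    tag, first, pos = buf[pos], buf[pos + 1], pos + 2
    length = first
    if first & 0x80:
        n = first & 0x7F
        if len(buf) < pos + n:
            raise IndexError("truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if len(buf) < pos + length:
        raise IndexError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def parse_bind_response(data):
    """(resultCode, diagnosticMessage) from an LDAPMessage carrying a BindResponse."""
    tag, msg, _ = _read_tlv(data, 0)
    _, _, pos = _read_tlv(msg, 0)                     # messageID
    op, body, _ = _read_tlv(msg, pos)
    if tag != 0x30 or op != 0x61:                     # [APPLICATION 1] BindResponse
        raise ValueError("not a BindResponse")
    _, code, pos = _read_tlv(body, 0)                 # ENUMERATED resultCode
    _, _, pos = _read_tlv(body, pos)                  # matchedDN
    _, diag, _ = _read_tlv(body, pos)                 # diagnosticMessage
    return int.from_bytes(code, "big"), diag.decode("utf-8", "replace")

def ldap_simple_bind(url, dn, password, timeout=5.0):
    """Send one BindRequest over ldap:// or ldaps:// and return (resultCode, diag)."""
    parts = urlsplit(url)
    port = parts.port or (636 if parts.scheme == "ldaps" else 389)
    sock = socket.create_connection((parts.hostname, port), timeout=timeout)
    if parts.scheme == "ldaps":
        sock = ssl.create_default_context().wrap_socket(sock, server_hostname=parts.hostname)
    with sock:
        sock.sendall(build_bind_request(1, dn, password))
        data = b""
        while True:                                   # read until the outer TLV is whole
            chunk = sock.recv(4096)
            if not chunk:
                raise ConnectionError("connection closed before a BindResponse arrived")
            data += chunk
            try:
                return parse_bind_response(data)
            except IndexError:
                continue

def check_authorizers(xml_text, bind=ldap_simple_bind):
    """(ok, message); `bind` is injectable so the decision logic runs offline."""
    cfg = ldap_provider_settings(xml_text)
    if cfg is None:
        return True, "no LdapUserGroupProvider configured; nothing to check"
    if cfg["strategy"] != "SIMPLE":
        return True, "Authentication Strategy %s is not covered by this check" % cfg["strategy"]
    code, diag = bind(cfg["url"], cfg["manager_dn"], cfg["manager_password"])
    if code == 0:
        return True, "manager bind OK for %s" % cfg["manager_dn"]
    name = RESULT_NAMES.get(code, "resultCode %d" % code)
    return False, "manager bind FAILED (%s) for %s: %s" % (name, cfg["manager_dn"], diag)

if __name__ == "__main__":  # usage: python ldap_bind_check.py /opt/nifi/conf/authorizers.xml
    text = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_AUTHORIZERS_XML
    ok, message = check_authorizers(text)
    print(message)
    sys.exit(0 if ok else 1)
```

Run it against the live authorizers.xml as a pre-flight step in the restart runbook (it exits non-zero on a failed bind, so it slots into a deployment script); an invalidCredentials (49) result after a service-account reset is exactly the condition that would otherwise take the whole cluster down on startup. Active Directory returns the same resultCode for a wrong password and for a moved or disabled account, so the diagnosticMessage it prints is the useful part when chasing which change the directory team made.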