Thanks. Ironically, there is nothing in there about "users", only "clusters" and its sub-resources.
On Wed, Mar 5, 2014 at 2:47 PM, Yusaku Sako <[email protected]> wrote: > Alex, > > You are welcome. > You might want to check out the API Reference: > https://github.com/apache/ambari/blob/trunk/ambari-server/docs/api/v1/index.md > > Yusaku > > > On Wed, Mar 5, 2014 at 11:43 AM, Alex Nastetsky <[email protected]>wrote: > >> Yusako, this is very helpful! This is exactly what I was looking for. >> >> By the way, is there any documentation about the API somewhere? So far I >> just I just know about the http://localhost:8080/api/v1/users and >> http://localhost:8080/api/v1/ <http://localhost:8080/api/v1/users/>clusters. >> Attempting to access >> http://localhost:8080/api/v<http://localhost:8080/api/v1/users/>1 >> gives a 404. >> >> >> On Wed, Mar 5, 2014 at 1:41 PM, Yusaku Sako <[email protected]>wrote: >> >>> Hi Alex, >>> >>> > Do you mean that admin users CAN change passwords through the API in >>> configs.sh? >>> >>> No, admins cannot change user passwords via configs.sh; configs.sh is a >>> wrapper that uses the API to manage "configuration" objects that do not >>> deal with user passwords. >>> However, admins can change passwords directly via the API (or with a >>> similar wrapper script). >>> Here's an example: >>> >>> curl -i -uadmin:admin -H "X-Requested-By: ambari" -X PUT -d >>> '{"Users":{"roles":"admin,user","password":"mysecret","old_password":"admin"}}' >>> http://localhost:8080/api/v1/users/<user-name> >>> >>> where: >>> * "roles" is a comma-delimited list of roles that the user should belong >>> to "admin,user" for admin users; just "user" for non-admin users. >>> * "password" is the new password to set for the user >>> * "old_password" is misleading, but* it's the password of the admin >>> user invoking this call*. If you omit this parameter, the API call >>> seems to go thru, but the password does not actually change. This is a bit >>> redundant and confusing, but that's how it works today... >>> >>> I hope this helps! >>> >>> Yusaku >>> >>> >>> >>> On Wed, Mar 5, 2014 at 8:20 AM, Alex Nastetsky >>> <[email protected]>wrote: >>> >>>> Thanks Yusaku, >>>> >>>> Do you mean that admin users CAN change passwords through the API in >>>> configs.sh? I couldn't find how to do that. None of the CONFIG_TYPE values >>>> seem relevant, they all deal directly with other Hadoop services. >>>> >>>> I'm talking about this: >>>> >>>> <CONFIG_TYPE>: One of the various configuration types in Ambari. >>>> Ex:global, core-site, hdfs-site, mapred-queue-acls, etc. >>>> >>>> >>>> >>>> On Wed, Mar 5, 2014 at 11:11 AM, Yusaku Sako <[email protected]>wrote: >>>> >>>>> Hi Alex, >>>>> >>>>> Ambari can be configured to use a built-in local user store (default) >>>>> or an external LDAP server (including ActiveDirectory), which can be >>>>> managed outside of Ambari. >>>>> Unfortunately the built-in user store is a bit simplistic in that only >>>>> Admins can change the password on behalf of the non-admin user as you >>>>> mentioned. The API currently prevents non-admin users from invoking any >>>>> write operations, including changing their own password, so there is not a >>>>> good way to do this via the API for now. >>>>> >>>>> Yusaku >>>>> On Mar 5, 2014 7:49 AM, "Alex Nastetsky" <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> I keep getting spam errors when I send emails to this list. This is >>>>>> my attempt to circumvent that by putting my message content in a >>>>>> pastebin: >>>>>> >>>>>> http://pastebin.com/raw.php?i=K03dwytn >>>>>> >>>>>> Thanks. >>>>>> >>>>> >>>>> CONFIDENTIALITY NOTICE >>>>> NOTICE: This message is intended for the use of the individual or >>>>> entity to which it is addressed and may contain information that is >>>>> confidential, privileged and exempt from disclosure under applicable law. >>>>> If the reader of this message is not the intended recipient, you are >>>>> hereby >>>>> notified that any printing, copying, dissemination, distribution, >>>>> disclosure or forwarding of this communication is strictly prohibited. If >>>>> you have received this communication in error, please contact the sender >>>>> immediately and delete it from your system. Thank You. >>>> >>>> >>>> >>> >>> CONFIDENTIALITY NOTICE >>> NOTICE: This message is intended for the use of the individual or entity >>> to which it is addressed and may contain information that is confidential, >>> privileged and exempt from disclosure under applicable law. If the reader >>> of this message is not the intended recipient, you are hereby notified that >>> any printing, copying, dissemination, distribution, disclosure or >>> forwarding of this communication is strictly prohibited. If you have >>> received this communication in error, please contact the sender immediately >>> and delete it from your system. Thank You. >>> >> >> > > CONFIDENTIALITY NOTICE > NOTICE: This message is intended for the use of the individual or entity > to which it is addressed and may contain information that is confidential, > privileged and exempt from disclosure under applicable law. If the reader > of this message is not the intended recipient, you are hereby notified that > any printing, copying, dissemination, distribution, disclosure or > forwarding of this communication is strictly prohibited. If you have > received this communication in error, please contact the sender immediately > and delete it from your system. Thank You. >
