Sorry, I meant https://issues.apache.org/jira/browse/AMBARI-4963
On Wed, Mar 5, 2014 at 12:07 PM, Yusaku Sako <[email protected]> wrote: > Good point. "Users" should be added to the doc. > Created a JIRA: https://issues.apache.org/jira/browse/AMBARI-4962 > > Yusaku > > > On Wed, Mar 5, 2014 at 12:04 PM, Alex Nastetsky <[email protected]>wrote: > >> Thanks. Ironically, there is nothing in there about "users", only >> "clusters" and its sub-resources. >> >> >> On Wed, Mar 5, 2014 at 2:47 PM, Yusaku Sako <[email protected]>wrote: >> >>> Alex, >>> >>> You are welcome. >>> You might want to check out the API Reference: >>> https://github.com/apache/ambari/blob/trunk/ambari-server/docs/api/v1/index.md >>> >>> Yusaku >>> >>> >>> On Wed, Mar 5, 2014 at 11:43 AM, Alex Nastetsky >>> <[email protected]>wrote: >>> >>>> Yusako, this is very helpful! This is exactly what I was looking for. >>>> >>>> By the way, is there any documentation about the API somewhere? So far >>>> I just I just know about the http://localhost:8080/api/v1/users and >>>> http://localhost:8080/api/v1/ >>>> <http://localhost:8080/api/v1/users/>clusters. >>>> Attempting to access >>>> http://localhost:8080/api/v<http://localhost:8080/api/v1/users/>1 >>>> gives a 404. >>>> >>>> >>>> On Wed, Mar 5, 2014 at 1:41 PM, Yusaku Sako <[email protected]>wrote: >>>> >>>>> Hi Alex, >>>>> >>>>> > Do you mean that admin users CAN change passwords through the API >>>>> in configs.sh? >>>>> >>>>> No, admins cannot change user passwords via configs.sh; configs.sh is >>>>> a wrapper that uses the API to manage "configuration" objects that do not >>>>> deal with user passwords. >>>>> However, admins can change passwords directly via the API (or with a >>>>> similar wrapper script). >>>>> Here's an example: >>>>> >>>>> curl -i -uadmin:admin -H "X-Requested-By: ambari" -X PUT -d >>>>> '{"Users":{"roles":"admin,user","password":"mysecret","old_password":"admin"}}' >>>>> http://localhost:8080/api/v1/users/<user-name> >>>>> >>>>> where: >>>>> * "roles" is a comma-delimited list of roles that the user should >>>>> belong to "admin,user" for admin users; just "user" for non-admin users. >>>>> * "password" is the new password to set for the user >>>>> * "old_password" is misleading, but* it's the password of the admin >>>>> user invoking this call*. If you omit this parameter, the API call >>>>> seems to go thru, but the password does not actually change. This is a >>>>> bit >>>>> redundant and confusing, but that's how it works today... >>>>> >>>>> I hope this helps! >>>>> >>>>> Yusaku >>>>> >>>>> >>>>> >>>>> On Wed, Mar 5, 2014 at 8:20 AM, Alex Nastetsky <[email protected] >>>>> > wrote: >>>>> >>>>>> Thanks Yusaku, >>>>>> >>>>>> Do you mean that admin users CAN change passwords through the API in >>>>>> configs.sh? I couldn't find how to do that. None of the CONFIG_TYPE >>>>>> values >>>>>> seem relevant, they all deal directly with other Hadoop services. >>>>>> >>>>>> I'm talking about this: >>>>>> >>>>>> <CONFIG_TYPE>: One of the various configuration types in Ambari. >>>>>> Ex:global, core-site, hdfs-site, mapred-queue-acls, etc. >>>>>> >>>>>> >>>>>> >>>>>> On Wed, Mar 5, 2014 at 11:11 AM, Yusaku Sako >>>>>> <[email protected]>wrote: >>>>>> >>>>>>> Hi Alex, >>>>>>> >>>>>>> Ambari can be configured to use a built-in local user store >>>>>>> (default) or an external LDAP server (including ActiveDirectory), which >>>>>>> can >>>>>>> be managed outside of Ambari. >>>>>>> Unfortunately the built-in user store is a bit simplistic in that >>>>>>> only Admins can change the password on behalf of the non-admin user as >>>>>>> you >>>>>>> mentioned. The API currently prevents non-admin users from invoking any >>>>>>> write operations, including changing their own password, so there is >>>>>>> not a >>>>>>> good way to do this via the API for now. >>>>>>> >>>>>>> Yusaku >>>>>>> On Mar 5, 2014 7:49 AM, "Alex Nastetsky" <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi, >>>>>>>> >>>>>>>> I keep getting spam errors when I send emails to this list. This is >>>>>>>> my attempt to circumvent that by putting my message content in a >>>>>>>> pastebin: >>>>>>>> >>>>>>>> http://pastebin.com/raw.php?i=K03dwytn >>>>>>>> >>>>>>>> Thanks. >>>>>>>> >>>>>>> >>>>>>> CONFIDENTIALITY NOTICE >>>>>>> NOTICE: This message is intended for the use of the individual or >>>>>>> entity to which it is addressed and may contain information that is >>>>>>> confidential, privileged and exempt from disclosure under applicable >>>>>>> law. >>>>>>> If the reader of this message is not the intended recipient, you are >>>>>>> hereby >>>>>>> notified that any printing, copying, dissemination, distribution, >>>>>>> disclosure or forwarding of this communication is strictly prohibited. >>>>>>> If >>>>>>> you have received this communication in error, please contact the sender >>>>>>> immediately and delete it from your system. Thank You. >>>>>> >>>>>> >>>>>> >>>>> >>>>> CONFIDENTIALITY NOTICE >>>>> NOTICE: This message is intended for the use of the individual or >>>>> entity to which it is addressed and may contain information that is >>>>> confidential, privileged and exempt from disclosure under applicable law. >>>>> If the reader of this message is not the intended recipient, you are >>>>> hereby >>>>> notified that any printing, copying, dissemination, distribution, >>>>> disclosure or forwarding of this communication is strictly prohibited. If >>>>> you have received this communication in error, please contact the sender >>>>> immediately and delete it from your system. Thank You. >>>>> >>>> >>>> >>> >>> CONFIDENTIALITY NOTICE >>> NOTICE: This message is intended for the use of the individual or entity >>> to which it is addressed and may contain information that is confidential, >>> privileged and exempt from disclosure under applicable law. If the reader >>> of this message is not the intended recipient, you are hereby notified that >>> any printing, copying, dissemination, distribution, disclosure or >>> forwarding of this communication is strictly prohibited. If you have >>> received this communication in error, please contact the sender immediately >>> and delete it from your system. Thank You. >>> >> >> > -- CONFIDENTIALITY NOTICE NOTICE: This message is intended for the use of the individual or entity to which it is addressed and may contain information that is confidential, privileged and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any printing, copying, dissemination, distribution, disclosure or forwarding of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and delete it from your system. Thank You.
