Re: Unknown user w/ Docker image

[Kevin Doran]

Sorry, meant to include the link to start.sh, which is in our codebase [1].  
I’m only pointing it out b/c it looked like in your Docker compose file that 
you wanted this to be an LDAP demo.

 

[1] 
https://github.com/apache/nifi/blob/master/nifi-docker/dockerhub/sh/start.sh#L30

 

From: Kevin Doran <kdo...@apache.org>
Date: Thursday, March 22, 2018 at 08:27
To: <users@nifi.apache.org>
Subject: Re: Unknown user w/ Docker image

 

Good eye, Pierre.

 

Mike, unrelated to the initial admin question, but anticipating something you 
might run int o after you get that part working. Change the "AUTH=tls" 
environment variable value to "AUTH=ldap". (I know the README file for the 
docker image uses ‘AUTH=tls’ in the documentation for LDAP setup; that is an 
error.­ I’ll open a PR to correct the documentation. To confirm how it works, 
look at the start.sh file)

 

Cheers,
Kevin

 

From: Mike Thomsen <mikerthom...@gmail.com>
Reply-To: <users@nifi.apache.org>
Date: Thursday, March 22, 2018 at 08:25
To: <users@nifi.apache.org>
Subject: Re: Unknown user w/ Docker image

 

They were. I did a copy from the Docker Hub page and didn't think they'd harm 
anything in the YAML. Removing them got initialAdmin to work.

 

On Thu, Mar 22, 2018 at 8:20 AM, Pierre Villard <pierre.villard...@gmail.com> 
wrote:

Hmmm no... the single quotes must be the issue here... I would expect
identity="CN=initialAdmin, OU=NIFI"

In your yaml file, I'd try to use double quotes around your property values.

 

2018-03-22 13:16 GMT+01:00 Mike Thomsen <mikerthom...@gmail.com>:

Yeah, that's the weird part. It looks valid to me:

 

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<tenants>

    <groups/>

    <users>

        <user identifier="f481771c-47d3-323f-b1c0-902b68e221e1" 
identity="'CN=initialAdmin, OU=NIFI'"/>

    </users>

</tenants>

 

 

On Thu, Mar 22, 2018 at 8:07 AM, Pierre Villard <pierre.villard...@gmail.com> 
wrote:

Hey Mike,

Can you check the users.xml file created by NiFi when it started for the first 
time?

 

2018-03-22 12:41 GMT+01:00 Mike Thomsen <mikerthom...@gmail.com>:

I'm trying to use the Docker image to set up a secure NiFi demo, and am running 
into this error:

 

Unknown user with identity 'CN=initialAdmin, OU=NIFI'. Contact the system 
administrator.

 

SSL works, I verified that the owner in the cert is "CN=initialAdmin, OU=NIFI"

 

I've attached the Docker Compose configuration that I'm using. Any input would 
be appreciated.

 

Thanks,

 

Mike