Yes I changed that from USE_DN to USE_USERNAME to do some troubleshooting. Sorry for not changing it back before I sent this stuff out.
> On Apr 10, 2018, at 2:01 PM, Mike Thomsen <[email protected]> wrote:
>
> Scott,
>
> In your last email, the way I read it you found part of the problem was using
> USE_USERNAME and not USE_DN, have you done a full comparison of the other
> config with this one?
>
> On Tue, Apr 10, 2018 at 2:58 PM, Scott Howell <[email protected]> wrote:
> Yes I did, I had Nifi-registry working with a local instance of LDAP
> running. It’s now not cooperating since I moved to using Jumpcloud.
>
> > On Apr 10, 2018, at 1:56 PM, Kevin Doran <[email protected]> wrote:
> >
> > Hi Scott,
> >
> > Did you configure nifi-registry.properties with:
> >
> > nifi.registry.security.identity.provider=ldap-identity-provider
> >
> > On 4/10/18, 14:53, "Scott Howell" <[email protected]> wrote:
> >
> > Thanks for all the help yesterday standing up LDAP for NIFI. I was
> > able to troubleshoot and fix the issues myself. I am running into a unique
> > issue with my Nifi-Registry when I try to log in with my LDAP credentials
> > like I do for the nifi cluster, I get this in my logs:
> >
> > 2018-04-10 18:43:15,303 INFO [NiFi Registry Web Server-18]
> > o.a.n.r.w.s.NiFiRegistrySecurityConfig AuthenticationEntryPoint invoked as
> > no user identity credentials were found in the request.
> >
> > My identity-providers.xml is this:
> > <identityProviders>
> >     <provider>
> >         <identifier>ldap-identity-provider</identifier>
> >         <class>org.apache.nifi.registry.security.ldap.LdapIdentityProvider</class>
> >         <property name="Authentication Strategy">START_TLS</property>
> >         <property name="Manager DN">uid=nifi,ou=Users,o={redacted},dc=jumpcloud,dc=com</property>
> >         <property name="Manager Password">{redacted}</property>
> >         <property name="TLS - Keystore"></property>
> >         <property name="TLS - Keystore Password"></property>
> >         <property name="TLS - Keystore Type"></property>
> >         <property name="TLS - Truststore">/opt/certs/jumpcloud.jks</property>
> >         <property name="TLS - Truststore Password">{redacted}</property>
> >         <property name="TLS - Truststore Type">JKS</property>
> >         <property name="TLS - Client Auth"></property>
> >         <property name="TLS - Protocol">TLSv1.2</property>
> >         <property name="TLS - Shutdown Gracefully"></property>
> >         <property name="Referral Strategy">FOLLOW</property>
> >         <property name="Connect Timeout">10 secs</property>
> >         <property name="Read Timeout">10 secs</property>
> >         <property name="Url">ldap://ldap.jumpcloud.com:389</property>
> >         <property name="User Search Base">ou=Users,o={redacted},dc=jumpcloud,dc=com</property>
> >         <property name="User Search Filter">uid={0}</property>
> >         <property name="Identity Strategy">USE_USERNAME</property>
> >         <property name="Authentication Expiration">12 hours</property>
> >     </provider>
> > </identityProviders>
> >
> > For the most part I grabbed most of this from my Nifi node
> > login-identity-providers.xml but I seem to have something messed up.
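
Added example, not part of the thread and not NiFi Registry project code: a Python check for what the thread compares by hand, namely that the provider named in nifi-registry.properties is defined in identity-providers.xml and that the pasted provider values (Url, search filter, Identity Strategy) are well-formed. The sample host and truststore path are constructed placeholders, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

PROVIDER_KEY = "nifi.registry.security.identity.provider"
# Constructed sample inputs modelled on the thread; host and path are placeholders.
SAMPLE_PROPERTIES = PROVIDER_KEY + "=ldap-identity-provider\n"
SAMPLE_XML = """<identityProviders>
  <provider>
    <identifier>ldap-identity-provider</identifier>
    <property name="Authentication Strategy">START_TLS</property>
    <property name="TLS - Truststore">/opt/certs/example.jks</property>
    <property name="Url">ldap://ldap.example.com:389</property>
    <property name="User Search Filter">uid={0}</property>
    <property name="Identity Strategy">USE_USERNAME</property>
  </provider>
</identityProviders>
"""

def read_properties(text):
    """Parse key=value lines, skipping blanks and # comments."""
    pairs = (l.split("=", 1) for l in text.splitlines()
             if "=" in l and not l.lstrip().startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def check_ldap_login_config(properties_text, providers_xml):
    """Return a list of findings; an empty list means the two files agree."""
    try:
        root = ET.fromstring(providers_xml)
    except ET.ParseError as exc:  # e.g. a curly quote pasted into an attribute
        return [f"identity-providers.xml is not well-formed: {exc}"]
    findings = []
    providers = {p.findtext("identifier", "").strip(): p for p in root.iter("provider")}
    wanted = read_properties(properties_text).get(PROVIDER_KEY, "")
    if not wanted:
        findings.append(f"{PROVIDER_KEY} is not set")
    elif wanted not in providers:
        findings.append(f"provider '{wanted}' is not defined in identity-providers.xml")
    for ident, prov in providers.items():
        cfg = {e.get("name"): (e.text or "").strip() for e in prov.iter("property")}
        url = cfg.get("Url", "")
        if any(ch.isspace() for ch in url):
            findings.append(f"{ident}: Url contains whitespace (paste residue?)")
        if cfg.get("Authentication Strategy") == "START_TLS" and not url.startswith("ldap://"):
            findings.append(f"{ident}: START_TLS upgrades a plain connection, so Url should use ldap://")
        if "{0}" not in cfg.get("User Search Filter", ""):
            findings.append(f"{ident}: User Search Filter lacks the {{0}} username placeholder")
        if cfg.get("Identity Strategy") not in (None, "USE_DN", "USE_USERNAME"):
            findings.append(f"{ident}: Identity Strategy is not USE_DN or USE_USERNAME")
    return findings

if __name__ == "__main__":
    print(check_ldap_login_config(SAMPLE_PROPERTIES, SAMPLE_XML) or "no findings")
```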
