Reply
Highlighted
New Contributor
Posts: 3
Registered: ‎07-10-2014

Direct Integration with AD

I see that in 5.1 direct integration with the AD is possible. The documentation on integration with AD contains the cross realm trust using MIT local kerberos server. Which is available from early releases too.

 

Could you please explain whether there is any other way which is not documented for direct integration with AD?

 

 

Cloudera Employee
Posts: 225
Registered: ‎09-23-2013

Re: Direct Integration with AD

The current documentation for CM / CDH 5 covers being able to use direct to AD integration where Cloudera Manager maintains the Kerberos principals in AD. This does not require cross realm authentication.

http://www.cloudera.com/content/cloudera-content/cloudera-docs/CM5/latest/Configuring-Hadoop-Securit...

This is not provided in the 4.x release.

What is it your are looking for? Manual management of principals in AD for cloudera manager? This is a very complicated and error prone approach to doing things. We do not document this approach as it generally causes more problems as change/add/delete of nodes from the topology becomes a point of human error causing potential outage.

Todd
Announcements